According to a posting on BugTraq, an attacker can sniff the packets of incoming key authorizations, and reproduce them continuously. This will result in every CD-key that is sniffed to be shown as “currently in use” by the GameSpy servers, preventing gamers from playing online in a great many numbers of games.

This seems to be a big one, as every game made by the GameSpy partners is vulnerable to this attack. It’s only an annoyance, as the real CD-key cannot be determined by this attack; however, it does allow unscrupulous administrators to deny you access to a game.

Some of the games which are affected by this include Halo PC, Battlefield 1942, Battlefield Vietnam, Men of Valor, Painkiller, Star Wars Battlefront, Star Wars Republic Commando, Tribes: Vengeance, and many more. Basically, every large multiplayer PC game can be hurt by this.

While I’m sure that this will be resolved soon, it’s never a good thing when a large security system like GameSpy’s can be tricked this easily. Of course, with the downward spiral that the GameSpy network has taken over the last five years, something like this does not surprise me.

Read the full bug report here.