Unreal Tournament Server spoofed UDP packet negative index value denial of service
ut-negative-udp-dos (12012)
Description:
Unreal Tournament Server is vulnerable to a denial of service. A remote attacker can send a spoofed UDP packet with a negative index value to consume all available memory resources and cause the system to crash.
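The CVE-2003-1432 entry under References describes the flaw as a negative size value that is treated as a large positive number during memory allocation. As an added illustration (not code from Epic Games or from this advisory), the C sketch below shows that conversion beside a bounds-checked version; the packet layout, ENTRY_SIZE, MAX_ENTRIES, the sample packets and all function names are assumptions, not the Unreal Engine wire format.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ENTRY_SIZE  8u    /* assumed size of one element on the wire */
#define MAX_ENTRIES 1024  /* assumed application limit */

/* Constructed sample packets: 4-byte little-endian count, then the entries. */
static const uint8_t PKT_NEG[12] = {0xff, 0xff, 0xff, 0xff};  /* count = -1 */
static const uint8_t PKT_OK[20]  = {0x02, 0x00, 0x00, 0x00};  /* count = 2  */

/* Read the signed 32-bit count at the start of the packet. */
static int32_t read_i32le(const uint8_t *p) {
    uint32_t v = (uint32_t)p[0] | (uint32_t)p[1] << 8 |
                 (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    return (int32_t)v;
}

/* Flawed pattern: the signed count is converted to size_t without a check,
   so -1 becomes a request just below SIZE_MAX. Nothing is allocated here;
   the function only returns the size that would be requested. */
size_t request_size_unchecked(const uint8_t *pkt) {
    int32_t count = read_i32le(pkt);
    return (size_t)count * ENTRY_SIZE;
}

/* Hardened: reject negative counts, counts over the limit, and counts the
   received payload cannot hold. Returns 0 and sets *bytes, or -1 on reject. */
int request_size_checked(const uint8_t *pkt, size_t len, size_t *bytes) {
    if (len < 4) return -1;
    int32_t count = read_i32le(pkt);
    if (count < 0 || count > MAX_ENTRIES) return -1;
    if ((size_t)count > (len - 4) / ENTRY_SIZE) return -1;
    *bytes = (size_t)count * ENTRY_SIZE;
    return 0;
}

int main(void) {
    size_t bytes = 0;
    printf("unchecked request for count=-1: %zu bytes\n",
           request_size_unchecked(PKT_NEG));
    printf("checked, count=-1: %d\n",
           request_size_checked(PKT_NEG, sizeof PKT_NEG, &bytes));
    printf("checked, count=2:  %d (%zu bytes)\n",
           request_size_checked(PKT_OK, sizeof PKT_OK, &bytes), bytes);
    return 0;
}
```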
Platforms Affected:
- Epic Games, Unreal Tournament Server 2003 2199 and 2206
- Gentoo, Linux
Remedy:
Apply the ut2003lnx_patch2225 patch, as listed in the BugTraq Mailing List posting dated Tue May 13 2003 - 15:19:18 CDT. See References.
For Gentoo Linux:
Upgrade to the latest gnupg package (1.2.2 or later), as listed in Gentoo Linux Security Announcement 200305-05. See References.
For other distributions:
Contact your vendor for upgrade or patch information.
Consequences:
Denial of Service
References:
- BugTraq Mailing List, Tue May 13 2003 - 15:19:18 CDT, UT2003 client passive DoS exploit at http://archives.neohapsis.com/archives/bugtraq/2003-05/0142.html.
- Gentoo Linux Security Announcement 200305-05, ut2003-demo Passive DOS exploit at http://www.linuxsecurity.com/content/view/105005/104/.
- BID-6770: Epic Games Unreal Engine Memory Consumption Denial Of Service Vulnerability
- BID-6772: Epic Games Unreal Engine Package Files Code Execution Vulnerability
- CVE-2003-1432: Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file.
Reported:
May 13, 2003
Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.
