Fw: [ut2003bugs] remote denial of service in ut2003 demo

["Arne Schwerdtfegger" <knud () skodliv dk>]

This might be of interest since the isse at hand is fixed now.

----- Original Message -----
From: "Daniel Vogel" <vogel () epicgames com>
To: "Arne Schwerdtfegger" <knud () skodliv dk>; <ut2003bugs () epicgames com>
Sent: Saturday, September 14, 2002 11:11 PM
Subject: RE: [ut2003bugs] remote denial of service in ut2003 demo


> We will address this denial of service attack shortly.
>
> Thanks!
>
> -- Daniel, Epic Games Inc.
>
> > -----Original Message-----
> > From: owner-ut2003bugs () lists epicgames com
> > [mailto:owner-ut2003bugs () lists epicgames com]On Behalf Of Arne
> > Schwerdtfegger
> > Sent: Saturday, September 14, 2002 5:03 PM
> > To: ut2003bugs () epicgames com
> > Subject: [ut2003bugs] remote denial of service in ut2003 demo
> >
> >
> > Dear sirs,
> >
> > It's possible to crash the client/the dedicated server by sending 1-3
> > character to udp ports 7778 or 10777. 4 characters will produce the
> > following in the console: "Log: Unkown ping request command: 65".
> > This can be reproduced with netcat[1] as follows:
> > echo "a" | nc -u target 10777
> >
> > Doing something like `cat /dev/urandom | nc -u target 7778`
> > will flood the console with "Log: RecvFrom returned SOCKET_ERROR 10040"
> >
> > The tested platform was windows 2000 with servicepack 3, not that I
think
> > it matters.
> >
> > [1] http://www.atstake.com/research/tools/
> > --
> > Knud Erik Højgaard
> > knud () INVALIDskodliv dk