Send News. Want a reply? Read this. More in the FAQ.   News Forum - All Forums - Mobile - PDA - RSS Headlines  RSS Headlines   Twitter  Twitter
Customize
User Settings
Styles:
LAN Parties
Upcoming one-time events:

Regularly scheduled events

Unreal Engine Exploit & Patch Plans

A recently posted BugTraq listing (thanks 3DGPU) outlines a vulnerability in Epic's Unreal engine that's susceptible to DoS, DDoS and bounce attacks with spoofed UDP packets. The report outlines the problem, which affects dozens of games from Unreal through UT2003, and describes how the author of the report held off on publicizing this for almost three months to give time for Epic to devise a fix. I contacted Epic's Mark Rein to ask about this and he was very frank about how this had indeed been brought to their attention, but had unfortunately fallen through the cracks. He sent along a list of changes for the next planned UT2003 patch which will now address these vulnerabilities, and says it's likely that a small patch will be issued to address these in the original version of Unreal Tournament as well. As for other games using the Unreal engine, he says that fixes like this are always made available to licensees, who will then be able to issue patches of their own should they so choose. Here is Mark's no-holds-barred assessment of why this went unaddressed after being brought to their attention:

I won't sugar coat this. We f***ed up on this. Yes this is real and yes this was brought to our attention and yes we should have fixed it by now. We are working on fixing this now and we will have this fixed in an upcoming patch before too long.

Post Comment
Enter the details of the comment you'd like to post in the boxes below and click the button at the bottom of the form.

22. Re: eh... Feb 6, 2003, 16:26 Xombie
 
Don't forget Deus Ex multiplayer (for the dozen or so people out there who use it).  
Xombie x0mbie x0mb|e Xombie
Reply Quote Edit Delete Report
 
Subject
Comment
     
 
      ;)   ;)   :(   :(   :o   :o   %)   %)   :)   :)   :|   :|   ;P   ;P   X|   X|   :D   :D   More
 
Login Email   Password Remember Me
If you have a signature set up, it will be automatically appended to your comment.
If you don't already have a Blue's News user account, you can sign up here.
Forgotten your password? Click here.
 
          Email me when this topic is updated.
 

Special Codes

  • b[bold text]b
  • i[italic text]i
  • u[underline text]u
  • -[strikethrough text]-
  • c[code text]c
  • +[bullet point]+
  • q[quote text (indented)]q
  • [quote="Author"]quote text (indented)[/quote]
  • [url=Link]text[/url]
  • r{red text}r
  • g{green text}g
  • b{blue text}b
  • m{maroon text}m
  • s{secret text (shows in the background colour)}s

Forum Rules

  1. Disagree all you want but attacks of a personal nature will not be tolerated.
  2. Ethnic slurs and homophobic language will not be tolerated.
  3. Do not post spam, links to warez sites, or instructions on how to obtain pirated software.
  4. Abusing the forums in any manner that could be construed as 'griefing' will not be tolerated.


footer

Blue's News logo