![]() |
|
|
|
Send
News. Want a reply? Read
this. More in the FAQ.
News
Forum - All
Forums - Mobile - PDA - RSS Headlines |
A recently posted BugTraq listing (thanks 3DGPU)
outlines a vulnerability in Epic's Unreal engine that's susceptible to
DoS, DDoS and bounce attacks with spoofed UDP packets. The report outlines the
problem, which affects dozens of games from Unreal through UT2003, and
describes how the author of the report held off on publicizing this for almost
three months to give time for Epic to devise a fix. I contacted Epic's Mark Rein
to ask about this and he was very frank about how this had indeed been brought
to their attention, but had unfortunately fallen through the cracks. He sent
along a list of changes for the
next planned UT2003 patch which will now address these vulnerabilities, and
says it's likely that a small patch will be issued to address these in the
original version of Unreal Tournament as well. As for other games using the
Unreal engine, he says that fixes like this are always made available to
licensees, who will then be able to issue patches of their own should they so
choose. Here is Mark's no-holds-barred assessment of why this went unaddressed
after being brought to their attention:
|
![]()
![]()
Copyright © 1996-2016 Stephen Heaslip. All rights reserved.
All trademarks are properties of their respective owners.
News CGI copyright © 1999-2016 James "furn" Furness &
Blue's News.
All rights reserved.
Chatbear v1.4.0/blue++: Page generated 8 August 2016, 13:50.
Chatbear Announcements.