The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous beep and server slowdown) via a string containing many 0x07 characters in (1) a request to the images/ directory, (2) the Content-Type field, (3) a HEAD request, and possibly other unspecified vectors.
CPE | Name | Operator | Version |
---|---|---|---|
unreal_engine | eq | 2003 | |
unreal_engine | eq | 2004 |
aluigi.org/adv/unrwebdos-adv.txt
aluigi.org/poc/unrwebdos.zip
secunia.com/advisories/26506
securityreason.com/securityalert/3039
www.securityfocus.com/archive/1/477026/100/0/threaded
www.securityfocus.com/archive/1/478053/100/200/threaded
www.securityfocus.com/archive/1/478064/100/200/threaded
exchange.xforce.ibmcloud.com/vulnerabilities/36103