Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:5888
HistoryMar 11, 2004 - 12:00 a.m.

Unreal engine updates and Battle Mages advisory

2004-03-1100:00:00
vulners.com
16
JSON

I have an update about the methods used to test the format string
vulnerability in the Unreal engine I reported yesterday.
I have solved a problem in the windows version of my proof-of-concept
unrfs-poc (now version 0.1.1):

http://aluigi.altervista.org/poc/unrfs-poc.zip

The following instead is a very fast and easy method to test the Unreal
engine based games without using external programs or complicated exploits.
I highly suggest users to use this quick method instead of the previous
proof-of-concept:

Another method to test the vulnerability is the adding of %n after
"Class=" in the file system/user.ini

Example:

From:
Class=Engine.Pawn

To:
Class=%n%nEngine.Pawn

If the game is vulnerable it will crash when launched.

The last news regards an advisory about a server freeze bug in the new game
Battle Mages:

http://aluigi.altervista.org/adv/battlemages-adv.txt

BYEZ

Luigi Auriemma
http://aluigi.altervista.org

JSON