Unreal Engine 'UnChan.cpp' Failed Assertion Remote Denial of Service Vulnerability

2014-07-01T00:00:00
ID SSV:85673
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

漏洞成因:

没有正确处理内存分配异常,导致拒绝服务漏洞

下列使用了该引擎的应用存在漏洞:

Unreal Tournament 3.1.3

Unreal Tournament 2003

Unreal Tournament 2004

Dead Man's Hand

Pariah

WarPath

Postal 2

Shadow Ops

exp:

http://www.securityfocus.com/data/vulnerabilities/exploits/31205.zip

参考:

http://www.securityfocus.com/bid/31205/exploit

                                        
                                            
                                                source: http://www.securityfocus.com/bid/31205/info

Unreal Engine is prone to a remote denial-of-service vulnerability because of an error in memory allocation.

An attacker could exploit this issue to crash applications that use the vulnerable engine and deny service to legitimate users.

The following applications using the engine are vulnerable:

Unreal Tournament 3.1.3
Unreal Tournament 2003
Unreal Tournament 2004
Dead Man's Hand
Pariah
WarPath
Postal 2
Shadow Ops

http://www.exploit-db.com/sploits/32386.zip