This might be of interest since the isse at hand is fixed now. ----- Original Message ----- From: "Daniel Vogel" <vogel@epicgames.com> To: "Arne Schwerdtfegger" <knud@skodliv.dk>; <ut2003bugs@epicgames.com> Sent: Saturday, September 14, 2002 11:11 PM Subject: RE: [ut2003bugs] remote denial of service in ut2003 demo > We will address this denial of service attack shortly. > > Thanks! > > -- Daniel, Epic Games Inc. > > > -----Original Message----- > > From: owner-ut2003bugs@lists.epicgames.com > > [mailto:owner-ut2003bugs@lists.epicgames.com]On Behalf Of Arne > > Schwerdtfegger > > Sent: Saturday, September 14, 2002 5:03 PM > > To: ut2003bugs@epicgames.com > > Subject: [ut2003bugs] remote denial of service in ut2003 demo > > > > > > Dear sirs, > > > > It's possible to crash the client/the dedicated server by sending 1-3 > > character to udp ports 7778 or 10777. 4 characters will produce the > > following in the console: "Log: Unkown ping request command: 65". > > This can be reproduced with netcat[1] as follows: > > echo "a" | nc -u target 10777 > > > > Doing something like `cat /dev/urandom | nc -u target 7778` > > will flood the console with "Log: RecvFrom returned SOCKET_ERROR 10040" > > > > The tested platform was windows 2000 with servicepack 3, not that I think > > it matters. > > > > [1] http://www.atstake.com/research/tools/ > > -- > > Knud Erik Højgaard > > knud@INVALIDskodliv.dk > > > >
