Epic Games Unreal Engine Logging Function Remote Denial of Service Vulnerability

Bugtraq ID:	25374
Class:	Boundary Condition Error
CVE:	CVE-2007-4442
Remote:	Yes
Local:	No
Published:	Aug 20 2007 12:00AM
Updated:	May 07 2015 05:35PM
Credit:	Discovery is credited to Luigi Auriemma <[email protected]>.
Vulnerable:	Epic Games Unreal Tournament Server 436.0 Epic Games Unreal Tournament 2004 win32 Epic Games Unreal Tournament 2004 macOS Epic Games Unreal Tournament 2004 3236 Epic Games Unreal Tournament 2003 Demo Version 2206 win32 Epic Games Unreal Tournament 2003 Demo Version 2206 linux Epic Games Unreal Tournament 2003 2225 win32 Epic Games Unreal Tournament 2003 2225 macOS Epic Games Unreal Tournament 2003 2199 win32 Epic Games Unreal Tournament 2003 2199 macOS Epic Games Unreal Tournament 2003 2199 linux Epic Games Unreal Engine 436 + ARUSH Devastation 390.0 + ARUSH Devastation 381.0 + ARUSH Devastation 380.0 + Atari Magic The Gathering: Battlegrounds 1.4 + Atari Magic The Gathering: Battlegrounds 1.3 + Atari Magic The Gathering: Battlegrounds 1.2 + Atari Magic The Gathering: Battlegrounds 1.1 + Atari Magic The Gathering: Battlegrounds 1.0 + Atari Nerf Arena Blast + Eidos DeusEx 1.2 + Eidos DeusEx 1.1 + Eidos DeusEx 1.0 + Human Head Studios Rune 1.0.1 + Human Head Studios Rune 1.0 + Microprose Software Star Trek: Klingon Honor Guard + Microprose Software Tactical Ops 3.4 + Microprose Software Tactical Ops 3.3 + Microprose Software Tactical Ops 3.2 + Microprose Software Tactical Ops 3.1 + Microprose Software Tactical Ops 3.0 + Rage Software Mobile Forces + Running With Scissors Postal 2 + Ubi Rainbow Six: Raven Shield 1.5 + Ubi Rainbow Six: Raven Shield 1.4 + Ubi Rainbow Six: Raven Shield 1.3 + Ubi Rainbow Six: Raven Shield 1.2 + Ubi Rainbow Six: Raven Shield 1.1 + Ubi Rainbow Six: Raven Shield 1.0 + United States Department of Defense America's Army 2.0 .0 + United States Department of Defense America's Army: SFAS 2.0 .0a + United States Department of Defense America's Army: SFAS 1.9 .0 Epic Games Unreal Engine 3 Epic Games Unreal Engine 226f America's Army America's Army 2.8.2
Not Vulnerable:	Epic Games Unreal Tournament 3 1.3beta4

Epic Games Unreal Engine Logging Function Remote Denial of Service Vulnerability

The Unreal Engine is prone to a remote denial-of-service vulnerability because the application fails to properly bounds-check user-supplied input.

Successfully exploiting this issue allows remote attackers to corrupt application memory in a manner that causes a crash. Remote code execution may be possible, but this has not been confirmed.

Versions of Unreal Engine that are included in Unreal Tournament 2003 and 2004 are vulnerable. Given the reuse of the engine in multiple other products, other games and versions are also likely vulnerable.

This vulnerability also affects America's Army 2.8.2 when Punkbuster is enabled on the local server; other versions may also be vulnerable.

Epic Games Unreal Engine Logging Function Remote Denial of Service Vulnerability

The following exploits are available:

• /data/vulnerabilities/exploits/unrwebdos.zip
• /data/vulnerabilities/exploits/aaboompb.zip

Epic Games Unreal Engine Logging Function Remote Denial of Service Vulnerability

Solution:
Reportedly, Unreal Engine 451b is not affected by this issue. Please contact the vendor for details.

Epic Games Unreal Engine Logging Function Remote Denial of Service Vulnerability

References:

• America's Army Homepage (America's Army)
  
• Home Page (Epic Games)
  
• Unreal Tournament Homepage (Epic Games)
  
• Unexploitable buffer-overflow in America's Army 2.8.2 through PB (Luigi Auriemma)
  
• Unexploitable buffer-overflow in the logging function of the Unreal engine (Luigi Auriemma )