Exploit Epic Games Unreal Tournament Server 436.0 - Engine Remote Format String

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
23799
Проверка EDB
  1. Пройдено
Автор
LUIGI AURIEMMA
Тип уязвимости
DOS
Платформа
MULTIPLE
CVE
cve-2004-1805
Дата публикации
2004-03-10
Код:
source: https://www.securityfocus.com/bid/9840/info

A format string vulnerability has been reported to exists in the Unreal Tournament server engine. This issue is due to a failure of the server application to properly sanitize user supplied network data.

Ultimately this vulnerability could allow for execution of arbitrary code on the system implementing the affected server software, which would occur in the security context of the server process.

Example:

From:
Class=Engine.Pawn

To:
Class=%n%nEngine.Pawn

If the game is vulnerable it will crash when launched.
 
Источник
www.exploit-db.com

Похожие темы