Online Gaming Systems Vulnerable

 
 
By Brett Glass  |  Posted 2003-02-13 Print this article Print
 
 
 
 
 
 
 

According to an advisory and press release from security firm PivX Labs, online gaming systems created by Epic Games are vulnerable to "a laundry list" of dangerous exploits.

According to an advisory and press release from security firm PivX Labs, online gaming systems created by Epic Games are vulnerable to "a laundry list" of dangerous exploits. According to the researchers, the vulnerabilities in Epics Unreal Gaming Engine include "local and remote DoS, DDoS, bounce attacks with spoofed UDP packets, fake players, execution of malicious code without size limitations, Unreal URL crash, and more." The vulnerable games are said to include:
  • Star Trek: The Next Generation: Klingon Honor Guard
  • Unreal
  • The Wheel of Time
  • Deus Ex
  • Mobile Forces
  • Rune
  • Unreal Tournament
  • Hired Guns
  • Navy Seals
  • TNN Outdoor Pro Hunter
  • Werewolf
  • X-Com: Alliance
  • Adventure Pinball
  • Americas Army
  • Unreal Tournament 2003
While the vulnerabilities were discovered and reported more than 90 days ago, Epic Games is only now developing and distributing fixes for the problems. Owners of these games should check with the vendor to determine what must be done to patch them. Epic has released a patch for the Epic Games Unreal Tournament Server 436.0. For more information, and a patch to fix this problem, see this article from Security Focus Online.
 
 
 
 
Brett Glass has more than 20 years of experience designing, building,writing about, and crash-testing computer hardware and software. (A born'power user,' he often stresses products beyond their limits simply bytrying to use them.) A consultant, author, and programmer based inLaramie, Wyoming, Brett obtained his Bachelor of Science degree inElectrical Engineering from the Case Institute of Technology and his MSEEfrom Stanford. He plans networks, builds and configures servers, outlinestechnical strategies, designs embedded systems, hacks UNIX, and writeshighly optimized assembly language.

During his rather eclectic career, Brett has written portions of the codeand/or documentation for such widely varied products as Borland's Pascal'toolboxes' and compilers, Living Videotext's ThinkTank, Cisco Systemsrouters and terminal servers, Earthstation diskless workstations, andTexas Instruments' TMS380 Token Ring networking chipset. His articleshave appeared in nearly every major computer industry publication.

When he's not writing, consulting, speaking, or cruising the Web insearch of adventure, he may be playing the Ashbory bass, teachingInternet courses for LARIAT (Laramie's community network and Internetusers' group), cooking up a storm, or enjoying 'extreme'-ly spicy ethnicfood.

To mail Brett, visit his Web form.

 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel