Luigi Does It Again! UT2004 Remote DoS

If there's a UT2004 server operator you don't like out there somewhere, you're in luck! Our old pal, Luigi Auriemma has discovered a remote Denial of Service (DoS) against the UT2004 server engine.

Really, I do like Luigi... my servers have been hit by every Proof of Concept (PoC) he's ever published... he is the guy in game security. The man has no equal!

I haven't tried the PoC (I lost my UT2004 server after the hard drive crash last December and never put another one up) but Luigi's code always works as advertised.

Details, link to code below...

###########################################

Luigi Auriemma
Application: Unreal Tournament 2004
Versions: <= v3369
Platforms: Windows and Linux
Bug: NULL pointer
Exploitation: remote, versus server
Date: 30 Jul 2008
Author: Luigi Auriemma
e-mail: aluigi@autistici.org
web: aluigi.org

###########################################

1) Introduction
2) Bug
3) The Code
4) Fix

###########################################

===============
1) Introduction
===============

Unreal Tournament 2004 is a well known FPS game developed by Epic Games (http://www.epicgames.com/) and released at the beginning of the 2004.

###########################################

======
2) Bug
======

Through a specific sequence of packets an attacker is able to crash the UT2004 server due to a NULL pointer exception.

###########################################

===========
3) The Code
===========

http://aluigi.org/poc/ut2004null.zip

###########################################

======
4) Fix
======

No fix

###########################################

---
Luigi Auriemma
http://aluigi.org
http://backup.aluigi.org
http://mirror.aluigi.org