Unreal engine updates and Battle Mages advisory

To: bugtraq@xxxxxxxxxxxxxxxxx, bugs@xxxxxxxxxxxxxxxxxxx, news@xxxxxxxxxxxxxx
Subject: Unreal engine updates and Battle Mages advisory
From: Luigi Auriemma <aluigi@xxxxxxxxxxxxxx>
Date: Thu, 11 Mar 2004 14:25:23 +0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

I have an update about the methods used to test the format string
vulnerability in the Unreal engine I reported yesterday.
I have solved a problem in the windows version of my proof-of-concept
unrfs-poc (now version 0.1.1):

  http://aluigi.altervista.org/poc/unrfs-poc.zip


The following instead is a very fast and easy method to test the Unreal
engine based games without using external programs or complicated exploits.
I highly suggest users to use this quick method instead of the previous
proof-of-concept:

-----
   Another method to test the vulnerability is the adding of %n after
   "Class=" in the file system/user.ini

   Example:

   From:
     Class=Engine.Pawn

   To:
     Class=%n%nEngine.Pawn

   If the game is vulnerable it will crash when launched.
-----


The last news regards an advisory about a server freeze bug in the new game
Battle Mages:

  http://aluigi.altervista.org/adv/battlemages-adv.txt


BYEZ


--- 
Luigi Auriemma
http://aluigi.altervista.org

Follow-Ups:
- Re: Unreal engine updates and Battle Mages advisory
  - From: Todd Chapman

Prev by Date: [RHSA-2004:093-01] Updated sysstat packages fix security vulnerabilities
Next by Date: Cpanel 8.*.* have a problem ?
Previous by thread: [RHSA-2004:093-01] Updated sysstat packages fix security vulnerabilities
Next by thread: Re: Unreal engine updates and Battle Mages advisory
Index(es):
- Date
- Thread