CVE-2007-4443 - The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote att

CVE-2007-4443

Summary

The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote attackers to cause a denial of service (continuous beep and server slowdown) via a string containing many 0x07 characters in (1) a request to the images/ directory, (2) the Content-Type field, (3) a HEAD request, and possibly other unspecified vectors.

References

Vulnerable Configurations

cpe:2.3:a:epic_games:unreal_engine:2003:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_engine:2003:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_engine:2004:*:*:*:*:*:*:*
cpe:2.3:a:epic_games:unreal_engine:2004:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 15-10-2018 - 21:35)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bugtraq	20070818 Unexploitable buffer-overflow in the logging function of the Unreal engine 20070829 Re: Unexploitable buffer-overflow in the logging function of the Unreal engine 20070829 Re[2]: Unexploitable buffer-overflow in the logging function of the Unreal engine
misc	http://aluigi.org/adv/unrwebdos-adv.txt http://aluigi.org/poc/unrwebdos.zip
secunia	26506
sreason	3039
xf	unreal-multiple-command-dos(36103)

Last major update

15-10-2018 - 21:35

Published

21-08-2007 - 00:17

Last modified

15-10-2018 - 21:35