Unreal Engine Multiple Remote Vulnerabilities

critical Nessus Plugin ID 11228

Synopsis

The remote game server is affected by multiple vulnerabilities.

Description

The Unreal Engine in use on the remote game server is vulnerable to various attacks that may allow an attacker to use it as a distributed denial of service source or to execute arbitrary code on this host.

Note that Nessus appears to have disabled this service while testing for these flaws.

Solution

Contact the vendor for a patch.

See Also

https://seclists.org/bugtraq/2003/Feb/39

Plugin Details

Severity: Critical

ID: 11228

File Name: unreal_game_engine.nasl

Version: 1.22

Type: remote

Published: 2/12/2003

Updated: 11/15/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2/5/2003

Reference Information

CVE: CVE-2003-1430, CVE-2003-1431, CVE-2003-1432, CVE-2003-1433

BID: 6770, 6771, 6772, 6773, 6774, 6775

CWE: 119, 189, 22, 287, 94