Re: [ut3servers] Server termination

Same IP was by me...i blocked allready the complete IP range

78.92.72.0 - 78.92.79.255


David Hurren schrieb:
> GUYS PLEASE FIX THIS
>
> both of my servers went down today by the same person
>
> the IP that might of took it down was 78.92.72.50
>
> ----- Original Message ----- From: "[PHX]Big_Deal"
> <admin (AT) PHOENIX-4EVER (DOT) DE>
> To: <UT3SERVERS (AT) LIST (DOT) EPICGAMES.COM>
> Sent: Saturday, September 13, 2008 3:04 PM
> Subject: [ut3servers] Server termination
>
>
>> Hi
>> Today my server shut down allready 3 times with this error
>>
>> Critical: appError called:
>> Critical: Ran out of virtual memory. To prevent this condition, you
>> must free up more space on your primary hard disk.
>> Critical: Windows GetLastError: Falscher Parameter. (87)
>> Log: === Critical error: ===
>> Ran out of virtual memory. To prevent this condition, you must free
>> up more space on your primary hard disk.
>>
>> RaiseException() Address = 0x7c812aeb (filename not found)
>> CxxThrowException() Address = 0x78158e89 (filename not found)
>> Address = 0xba0102 (filename not found)
>> Address = 0xe8781b4c (filename not found)
>>
>> I know it comes from from this bug:
>> The problem is located in the function which reads the strings from the
>> packet where is located a 32 bit number (was an index number in the
>> previous Unreal engine 1 and 2) which specifies the size in bytes of
the
>> subsequent string to read.
>>
>> This function removes the sign of the number if it's negative and then
>> tries to allocate an amount of memory double than this value because
Read more on: : i3D.net Game Forums /unreal-tournament-3-newsletter/40920-re-ut3servers-server-termination.html
>> the new buffer is used for containing the unicode version of the
string.
>> Before copying the data is performed an additional check on the sign of
>> the value for avoiding integer overflows (for example using the value
>> 0x80000000).
>>
>> If an attacker uses a 32 bit number major than how much allocable on
>> the system (like 0x7fffffff) the engine terminates immediately showing
>> a log message like the following:
>>
>> Critical: Ran out of virtual memory. To prevent this condition, you
>> must free up more space on your primary hard disk."
>>
>> Turning Point: Fall of Liberty is another game which uses the Unreal
>> engine 3 but, differently to the others tested by me, the function
>> which allocates the memory doesn't shut down the entire game for
>> reporting the error but simply returns a NULL value (like a classical
>> malloc) which is correctly handled and so the game is not vulnerable.
>>
>> The attack can be performed versus the server using one simple UDP
>> packet with the possibility of spoofing it.
>>
>> We need a urgent fix!
>>
>> --
>> [PHX]Big_Deal
>> Leader and Admin
>>
>> PHOENIX UT3 SERVER : ut3://195.245.9.170:6666
>> PHOENIX UT2004 VCTF AND TAM SERVER : ut2004://195.245.9.170:7777
>> PHOENIX HOMEPAGE: http://www.phoenix-4ever.de
>>
>> ---------------------
>> TO LEAVE THE LIST
>> ---------------------
>> Write to LISTSERV (AT) LIST (DOT) EPICGAMES.COM and, in the text of your
>> message
>> (not the subject line), write: SIGNOFF UT3SERVERS
>
> ---------------------
> TO LEAVE THE LIST
> ---------------------
> Write to LISTSERV (AT) LIST (DOT) EPICGAMES.COM and, in the text of your
message
> (not the subject line), write: SIGNOFF UT3SERVERS
>
>

--
[PHX]Big_Deal
Leader and Admin

PHOENIX UT3 SERVER : ut3://195.245.9.170:6666
PHOENIX UT2004 VCTF AND TAM SERVER : ut2004://195.245.9.170:7777
PHOENIX HOMEPAGE: http://www.phoenix-4ever.de

---------------------
TO LEAVE THE LIST
---------------------
Write to LISTSERV (AT) LIST (DOT) EPICGAMES.COM and, in the text of your message
(not the subject line), write: SIGNOFF UT3SERVERS