Slashdot Mirror


Unreal Security Hole

Screaming Lunatic writes "There seems to be a big security hole in the Unreal engine that has been around for about 5 years. It affects servers for a number of games and operating systems, including Linux (which accounts for about 40% of UT2003 servers). Epic has been working on a patch for about 3 months. Imagine the bad publicity games would receive if a worm on the scale of Slammer had been created." A Bugtraq post from Thor Larholm of Pivx, says that Marc Rein of Epic threatened PivX with "getting our lawyers involved with this"; the TechTV article Larholm cites (the same one linked from this submission), however, contains no mention of legal action. Rein nonetheless apologized for "those completely unfortunate comments" in a followup message to Bugtraq.

10 of 250 comments (clear)

  1. Uh oh... by Electrode · · Score: 5, Funny

    So, how long until we see the "Monster Kill" virus begin to make the rounds?

  2. Watch out! by Joe+the+Lesser · · Score: 5, Funny

    Slammer_Worm is on a killing spree!
    Slammer_Worm is on rampage!
    Slammer_Worm is dominating!
    Slammer_Worm is unstoppable!
    Slammer_Worm is Godlike!!!

    --
    "I only speak the truth"
    Karma: null(Mostly affected by an unassigned variable)
  3. Re:Games are worse than drugs. by leviramsey · · Score: 5, Funny
    Am I the only one to see a whole generation being wasted by such games like CS? I know ppl who play it 12 hours a day, god damn it! If someone would compare the degeneration of health/brain etc from CS vs. Grass, I bet CS would win.

    When you play CS, you're supporting terrorists!

  4. $250/hr to play games? by EvilStein · · Score: 5, Funny

    "threatened PivX with "getting our lawyers involved with this""

    No, let's not let the lawyers get involved. THey make enough per hour as it is - we don't need to pay anyone $250/hr to play Unreal Tournament for "case notes."

    Wait.. then again, lawyers in Unreal Tournament games. Hrm. It could be an all-out fragfest on a level that nobody could have ever imagined before. I like that idea!

  5. I really like Rein's comment by rasteri · · Score: 5, Funny

    "I won't sugar coat this. We f***ed up on this. Yes this is real and yes this was brought to our attention and yes we should have fixed it by now."

    I get the feeling that I'll be in my cold, cold grave before Microsoft starts releasing statements like this :)

    But seriously, it's nice to see a large company admitting it has "F***ed up".

  6. Aha! by Anonymous Coward · · Score: 5, Funny

    that's why I've lost so many matches! Somebody is executing malicious code that screws up my aim and makes me play like crap.

  7. Unreal players discussing the security hole by joe_bruin · · Score: 5, Funny

    GG
    NEW MAP!!!!!!!!!!!!!!!!!!1111
    GG EVARYBODY
    ZEROSTUD IS A CHEATER
    YEAH, I
    OMFG UR TEH LAMER
    SHUTUP, U CAMPING FAG
    [FGP]-Killaz-X -0- LAG!
    NO LAG U SUX
    NO FUCK YOU
    I GET 20 PING
    U GUYS HERE ABOUT TEH SECURITY THING??!
    GG
    NEW MAP
    LATZ, IM GONNA PLAY CS
    FUCK YOU
    KILLING SPREE
    UR CHEATING
    KICK HIM
    STFU U LAMR, YUO SUK
    VOTE ON NEW MAP

  8. Re:Links by Zeinfeld · · Score: 5, Funny
    More [bluesnews.com] at bluesnews.

    I heard of Blues Clues, but Blue's news?

    To play Blues News you have to find a bug
    Stick it in your notebook and describe the hole you've dug
    Find another pawprint, thats the second bug
    Stick it in your notebook and go catch the cyber-thug
    Find the last pawprint, thats the third bug
    Stick it in your notebook, get your coffee mug
    Sit down in the thinking chair and think, think think.
    Cos when we use our minds take a step at a time you can dooo anything, and on billable hours too.

    --
    Looking for an Information Security student project suggestion?
    Try http://dotcrimeManifesto.com/
  9. Re:Convenient Too! by DASHSL0T · · Score: 5, Funny

    That's like Microsoft providing a web page showing which IIS servers are still affected by code red and showing their IP's.

    Given how well they did with patching their network over Slammer, I think the list would start with:
    127.0.0.1

    --
    Freedom Is Universal
    Linux-Universe
  10. Re:Let's not overreact here... by Atomizer · · Score: 5, Funny

    Yeah, just think the Unreal worm hits, and suddenly office productivity increases all over the world.