Quake Server Empty udp DoS Vulnerability
BID:1900
Info
Quake Server Empty udp DoS Vulnerability
| Bugtraq ID: | 1900 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 01 2000 12:00AM |
| Updated: | Nov 01 2000 12:00AM |
| Credit: | This vulnerability was first publicly announced by alex medvedev <[email protected]> on November 1, 2000. |
| Vulnerable: |
J. P. Grossman ProQuake 1.0 id Software Quake 1.9 |
| Not Vulnerable: | |
Discussion
Quake Server Empty udp DoS Vulnerability
Quake1 Server is a software package designed to host multiple Quake players over a network for interactive play. A vulnerability exists in this software that can allow a malicious user to remotely crash a Quake server.
It is reported that Quake1 Server software fails to handle blank udp packets correctly. Upon receiving a specially crafted udp packet, the Quake1 Server discontinues responding to any requests. This results in a Denial of Service.
Quake1 Server is a software package designed to host multiple Quake players over a network for interactive play. A vulnerability exists in this software that can allow a malicious user to remotely crash a Quake server.
It is reported that Quake1 Server software fails to handle blank udp packets correctly. Upon receiving a specially crafted udp packet, the Quake1 Server discontinues responding to any requests. This results in a Denial of Service.
Exploit / POC
Quake Server Empty udp DoS Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Quake Server Empty udp DoS Vulnerability
Solution:
The following upgrade is available for Proquake:
J. P. Grossman ProQuake 1.0
Solution:
The following upgrade is available for Proquake:
J. P. Grossman ProQuake 1.0
-
J. P. Grossman gl gqpro102.zip
http://shreddies.ai.mit.edu/proquake/glpro102.zip -
J. P. Grossman linux sqpro102.zip
http://shreddies.ai.mit.edu/proquake/sqpro102.zip -
J. P. Grossman win32 wqpro102.zip
http://shreddies.ai.mit.edu/proquake/wqpro102.zip
References
Quake Server Empty udp DoS Vulnerability
References:
References: