ioQuake3 Engine Multiple Remote Denial of Service Vulnerabilities

Bugtraq ID:	52719
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2010-5077
Remote:	Yes
Local:	No
Published:	Mar 26 2012 12:00AM
Updated:	Apr 13 2015 09:38PM
Credit:	RawShark
Vulnerable:	ioquake3 ioquake3 2098 ioquake3 ioquake3 2097 ioquake3 ioquake3 1773 ioquake3 ioquake3 1499 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64
Not Vulnerable:

ioQuake3 Engine Multiple Remote Denial of Service Vulnerabilities

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

ioQuake3 Engine Multiple Remote Denial of Service Vulnerabilities

References:

• [ioquake3] DDOS attack on ioquake servers (ioquake3)
  
• [quake3-commits] r1762 - trunk/code/server (ioquake3)
  
• Bug 806898 - (CVE-2010-5077) CVE-2010-5077 quake3: DDoS via getstatus and rcon r (Red Hat)
  
• DDOS attack on ioquake3 servers (ioquake3)
  
• My server is getting bot striked (OpenArena)
  
• openarena-server: [CVE-2010-5077] traffic amplification via getstatus requests (Markus Koschany)
  
• Vendor Homepage (ioquake3)