Quake Server Empty udp DoS Vulnerability

Quake1 Server is a software package designed to host multiple Quake players over a network for interactive play. A vulnerability exists in this software that can allow a malicious user to remotely crash a Quake server.

It is reported that Quake1 Server software fails to handle blank udp packets correctly. Upon receiving a specially crafted udp packet, the Quake1 Server discontinues responding to any requests. This results in a Denial of Service.


Privacy Statement
Copyright 2010, SecurityFocus