Vulnerability Description
Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small requests, which allows remote attackers to use the servers as an amplifier in DDoS attacks with spoofed UDP query packets, as demonstrated using Battlefield 1942.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gamespy3D | Gamespy 3D | 2.62 |
Related Weaknesses (CWE)
References
- http://seclists.org/lists/bugtraq/2003/Jan/0178.html
- http://www.pivx.com/kristovich/adv/mk001/
- http://www.securiteam.com/securitynews/5EP0O0K8UO.html
- http://www.securityfocus.com/bid/6636Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11084
- http://seclists.org/lists/bugtraq/2003/Jan/0178.html
- http://www.pivx.com/kristovich/adv/mk001/
- http://www.securiteam.com/securitynews/5EP0O0K8UO.html
- http://www.securityfocus.com/bid/6636Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11084
FAQ
What is CVE-2003-1354?
CVE-2003-1354 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small requests, which allows remote attackers to use the servers as an amplifier in DDoS attacks with spoofed UD...
How severe is CVE-2003-1354?
CVE-2003-1354 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-1354?
Check the references section above for vendor advisories and patch information. Affected products include: Gamespy3D Gamespy 3D.