CVE-1999-1066

Quake 1 Server - Unauthenticated Denial of Service via Spoofed UDP Connection Request

Title source: llm
STIX 2.1

Description

Quake 1 server responds to an initial UDP game connection request with a large amount of traffic, which allows remote attackers to use the server as an amplifier in a "Smurf" style attack on another host, by spoofing the connection request.

References (1)

Core 1
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=94589559631535&w=2

Scores

EPSS 0.0066
EPSS Percentile 71.2%

Details

Status published
Products (1)
sgi/quake_1_server
Published Dec 22, 1999
Tracked Since Feb 18, 2026