CVE-2003-1354

Gamespy3d Gamespy 3D - Memory Corruption

Title source: rule

Description

Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small requests, which allows remote attackers to use the servers as an amplifier in DDoS attacks with spoofed UDP query packets, as demonstrated using Battlefield 1942.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Mike Kristovich · cdoslinux

https://www.exploit-db.com/exploits/22183

View Code ZIP pw:eip

References (5)

[Various Sources] http://www.securiteam.com/securitynews/5EP0O0K8UO.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/11084

[Exploit] http://www.securityfocus.com/bid/6636

[Mailing List] http://seclists.org/lists/bugtraq/2003/Jan/0178.html

[Various Sources] http://www.pivx.com/kristovich/adv/mk001/

Scores

EPSS 0.0413

EPSS Percentile 88.7%

Details

CWE

CWE-119

Status published

Products (1)

gamespy3d/gamespy_3d 2.62

Published Dec 31, 2003

Tracked Since Feb 18, 2026