debian · CVE-2010-5077

Quick triage

View at Official debian advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2010-5077 medium priority: Debian including 2 source packages (ioquake3, openarena), 10 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 10.

Description:

server/sv_main.c in Quake3 Arena, as used in ioquake3 before r1762, OpenArena, Tremulous, and other products, allows remote attackers to cause a denial of service (network traffic amplification) via a spoofed (1) getstatus or (2) rcon request.