COMMAND

    Quake

SYSTEMS AFFECTED

    Quake [I&II] servers

PROBLEM

    Ambrose Feinstein made remote crash attacks for Quake I and Quake
    II servers.  Those exploits can be found at:

        http://www-mae.engr.ucf.edu/~ambrose/q12crash-release-26dec97.tar.gz

    Files that should be in archive:

        q12crash-release-26dec97/
        q12crash-release-26dec97/qnet.h
        q12crash-release-26dec97/common.c
        q12crash-release-26dec97/common.h
        q12crash-release-26dec97/udpsock.c
        q12crash-release-26dec97/udpsock.h
        q12crash-release-26dec97/inetsock.c
        q12crash-release-26dec97/inetsock.h
        q12crash-release-26dec97/q1crash.h
        q12crash-release-26dec97/common.o
        q12crash-release-26dec97/Makefile
        q12crash-release-26dec97/q1crash.o
        q12crash-release-26dec97/inetsock.o
        q12crash-release-26dec97/udpsock.o
        q12crash-release-26dec97/q1crash
        q12crash-release-26dec97/q2crash.o
        q12crash-release-26dec97/q2crash.h
        q12crash-release-26dec97/q1crash.c
        q12crash-release-26dec97/rawip.c
        q12crash-release-26dec97/rawip.h
        q12crash-release-26dec97/q2crash.c
        q12crash-release-26dec97/rawip.o
        q12crash-release-26dec97/q2crash

SOLUTION

    The patch has been released by ID that seems to fix these:

        ftp://ftp.idsoftware.com/idstuff/quake2/patch_08.zip

    Actually, there are two patches.  The patch_07.zip was intended to
    fix the crash exploit and some other bugs while the   patch_08.zip
    was released to fix the  things that the patch_07.zip broke.   You
    can  skip  from  one  3.0.06  to  3.0.08 with no problems since it
    completely  replaces  the  quake2.exe  and  3 dll files.  However,
    there are still conectivity issues after the patches are applied.