[原文]The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name.
Alien Arena 2006 Gold Edition Com_sprintf() Function Long Skin DoS
Remote / Network Access
Denial of Service
Loss of Availability
Alien Arena contains a flaw that may allow a remote denial of service. The issue is triggered when using a player with a long skin, weapon, or model name (about 110 characters suffices), and will result in loss of availability for any client who is already inside or joins the game server.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.