being the author of a server query utility myself, I can comment on a couple of things raised:
there's no difference in the protocol ASE or any other game server browser uses to query game servers which implement the gamespy query protocol. It's not about the query utility, it's all about the game server.
quake (quakeworld), quake2, q3, half-life and cs, return to castle wolfenstein and a lot of the games listed have absolutely nothing to do with the GameSpy query protocol.
it is correct that bf1942, ut, ut2003, mohaa, ccrenegade, nolf, avp2, opflashpoint, jb nightfire and coutless other games do implement the gamespy query protocol, which debuted in the original Unreal.
there's however nothing in the exploit (which is so blatantly trivial I'd hardly call this a surprising new discovery, it's just the way Internet fundamentals are flawed) which would make this "problem" (if you characterize it as such) exclusive to the games using the gamespy protocols.
except though that Battlefield 1942 is a perfect choice for doing such things because of its generally large player count. 64 player servers all full mean quite a lot of information returned on a player information query.
(also their proof-of-concept code only includes support for exploiting servers supporting the GameSpy query protocol.)
as for fixing it, about the only thing you could do for the server is to limit the rate at which any legit or illegit utility could get a reply on its status queries, which is what they will probably do. well, that, or completely disabling all outside server querying or making everything currently out there incompatible by implementing some kind of challange authentication before getting a reply.
This comment was edited on Jan 17, 18:56.