Filtered by vendor Id Software
Subscriptions
Filtered by product Quake Ii Server
Subscriptions
Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2004-2599 | 1 Id Software | 1 Quake Ii Server | 2024-11-21 | N/A |
Multiple buffer overflows in Quake II server before R1Q2, as used in multiple products, allow local users to cause a denial of service (application crash) via the server console or rcon. | ||||
CVE-2004-2598 | 1 Id Software | 1 Quake Ii Server | 2024-11-21 | N/A |
Quake II server before R1Q2, as used in multiple products, allows remote attackers to corrupt the server's client state data structure by exiting a session without a valid disconnect command, then reconnecting, which prevents a mod from being notified of changes in the client state. NOTE: the impact of this issue will vary depending on which mod is being used. | ||||
CVE-2004-2597 | 1 Id Software | 1 Quake Ii Server | 2024-11-21 | N/A |
Quake II server before R1Q2, as used in multiple products, allows remote attackers to bypass IP-based access control rules via a userinfo string that already contains an "ip" key/value pair but is also long enough to cause a new key/value pair to be truncated, which interferes with the server's ability to find the client's IP address. | ||||
CVE-2004-2596 | 1 Id Software | 1 Quake Ii Server | 2024-11-21 | N/A |
Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (exhaustion of connection slots) via a large number of connections from the same IP address. | ||||
CVE-2004-2593 | 1 Id Software | 1 Quake Ii Server | 2024-11-21 | N/A |
Buffer overflow in command-packet processing of Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a packet with a long cmd_args buffer. | ||||
CVE-2004-2592 | 1 Id Software | 1 Quake Ii Server | 2024-11-21 | N/A |
Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a modified client that asks the server to send data stored at a negative array offset, which is not handled when processing Configstrings and Baselines. |
Page 1 of 1.