Описание
Absolute path traversal vulnerability in Quake II server before R1Q2 on Windows, as used in multiple products, allows remote attackers to read arbitrary files via a "\/" in a pathname argument, as demonstrated by "download \/server.cfg".
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| quake2 | removed | package | ||
| quake2 | no-dsa | sarge | package |
EPSS
Процентиль: 74%
0.00874
Низкий
Связанные уязвимости
nvd
больше 20 лет назад
Absolute path traversal vulnerability in Quake II server before R1Q2 on Windows, as used in multiple products, allows remote attackers to read arbitrary files via a "\/" in a pathname argument, as demonstrated by "download \/server.cfg".
github
больше 3 лет назад
Absolute path traversal vulnerability in Quake II server before R1Q2 on Windows, as used in multiple products, allows remote attackers to read arbitrary files via a "\/" in a pathname argument, as demonstrated by "download \/server.cfg".
EPSS
Процентиль: 74%
0.00874
Низкий