Описание
Absolute path traversal vulnerability in Quake II server before R1Q2 on Linux, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a download command with a full pathname for a directory in the argument, which causes the server to crash when it cannot read data.
Absolute path traversal vulnerability in Quake II server before R1Q2 on Linux, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a download command with a full pathname for a directory in the argument, which causes the server to crash when it cannot read data.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-2595
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17893
- http://archives.neohapsis.com/archives/bugtraq/2004-10/0299.html
- http://secunia.com/advisories/13013
- http://secur1ty.net/advisories/001
- http://securitytracker.com/id?1011979
- http://web.archive.org/web/20041130092749/www.r1ch.net/stuff/r1q2
- http://www.osvdb.org/11184
- http://www.securityfocus.com/bid/11551
EPSS
CVE ID
Связанные уязвимости
Absolute path traversal vulnerability in Quake II server before R1Q2 on Linux, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a download command with a full pathname for a directory in the argument, which causes the server to crash when it cannot read data.
Absolute path traversal vulnerability in Quake II server before R1Q2 o ...
EPSS