CVE-2000-0969

Опубликовано: 19 дек. 2000

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2000-10/0254.html
http://archives.neohapsis.com/archives/bugtraq/2000-10/0409.html
http://www.osvdb.org/6983
http://www.securityfocus.com/archive/1/141060
https://exchange.xforce.ibmcloud.com/vulnerabilities/5413
http://archives.neohapsis.com/archives/bugtraq/2000-10/0254.html
http://archives.neohapsis.com/archives/bugtraq/2000-10/0409.html
http://www.osvdb.org/6983
http://www.securityfocus.com/archive/1/141060
https://exchange.xforce.ibmcloud.com/vulnerabilities/5413

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:valve_software:half-life_dedicated_server:3.1.3:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02704

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jrm7-fxfw-383p

github

больше 3 лет назад