Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0969

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-0969
Last Modified 10 Sep 2008 03:06:15
Published 19 Dec 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0969

Summary

Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon.

Vulnerable Systems

Application

  • Valve Software Half-life Dedicated Server 3.1.3


References

XF - halflife-rcon-format-string

BUGTRAQ - 20001024 Tamandua Sekure Labs Security Advisory 2000-01

OSVDB - 6983

BUGTRAQ - 20001027 Re: Half Life dedicated server Patch

BUGTRAQ - 20001016 Half-Life Dedicated Server Vulnerability


Last Updated: 27 May 2016 10:35:57