Lucene search

MitreCVE-2003-1325

HistoryApr 12, 2007 - 7:00 p.m.

CVE-2003-1325

2007-04-1219:00:00

mitre

web.nvd.nist.gov

sv_checkforduplicatenames

valve software

half-life

cstrike

remote authentication

denial of service

infinite loop

daemon hang

cve-2003-1325

CVSS2

5.2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:M/Au:S/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

0.004

Percentile

74.1%

JSON

The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a certain connection string to UDP port 27015 that represents “absence of player informations,” a related issue to CVE-2006-0734.

Affected configurations

Nvd

Node

valve_softwarehalf-life_cstrike_dedicated_serverRange≤1.1.1.0

VendorProductVersionCPE
valve_softwarehalf-life_cstrike_dedicated_server*cpe:2.3:a:valve_software:half-life_cstrike_dedicated_server:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
valve_software	half-life_cstrike_dedicated_server	*	cpe:2.3:a:valve_software:half-life_cstrike_dedicated_server::::::::

References

aluigi.altervista.org/adv/csdos.txt

packetstormsecurity.org/0304-exploits/hl-headnut.c

CVSS2

5.2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:M/Au:S/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

0.004

Percentile

74.1%

JSON

Related for CVE-2003-1325