Lucene search

MitreCVE-2004-2593

HistoryNov 29, 2005 - 2:00 a.m.

CVE-2004-2593

2005-11-2902:00:00

mitre

web.nvd.nist.gov

cve-2004-2593

buffer overflow

quake ii

remote code execution

denial of service

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.093

Percentile

94.7%

JSON

Buffer overflow in command-packet processing of Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a packet with a long cmd_args buffer.

Affected configurations

Nvd

Node

id_softwarequake_ii_serverMatch3.20

id_softwarequake_ii_serverMatch3.21

VendorProductVersionCPE
id_softwarequake_ii_server3.20cpe:2.3:a:id_software:quake_ii_server:3.20:*:*:*:*:*:*:*
id_softwarequake_ii_server3.21cpe:2.3:a:id_software:quake_ii_server:3.21:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
id_software	quake_ii_server	3.20	cpe:2.3:a:id_software:quake_ii_server:3.20:::::::*
id_software	quake_ii_server	3.21	cpe:2.3:a:id_software:quake_ii_server:3.21:::::::*

References

archives.neohapsis.com/archives/bugtraq/2004-10/0299.html

secunia.com/advisories/13013

secur1ty.net/advisories/001

securitytracker.com/id?1011979

web.archive.org/web/20041130092749/www.r1ch.net/stuff/r1q2/

www.osvdb.org/11182

www.securityfocus.com/bid/11551

exchange.xforce.ibmcloud.com/vulnerabilities/17891

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.093

Percentile

94.7%

JSON

Related for CVE-2004-2593