CVE-2002-0770

Quake 2 Q2 server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand "$" macros, which causes the server to expand the macros and leak the information, as demonstrated...

CVE-2002-0770

The CVE-2002-0770 issue affects Quake II server 3.20/3.21, where a client can trigger the server to expand a variable like "$rcon_password" due to console variable expansion on unexpanded client input. This information leakage enables attackers to obtain sensitive credentials and potentially take...