18 matches found
EUVD-1999-1210
Malware in sbrugna...
EUVD-2002-0762
Malware in sbrugna...
EUVD-1999-1211
Malware in sbrugna...
EUVD-2005-2775
Malware in sbrugna...
CVE-2005-2774
Format string vulnerability in Lithium II mod 1.24 for Quake 2 allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via format string specifiers in the nickname...
CVE-2005-2774
Format string vulnerability in Lithium II mod 1.24 for Quake 2 allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via format string specifiers in the nickname...
CVE-2005-2774
CVE-2005-2774 affects Lithium II mod 1.24 for Quake 2. The vulnerability is a format string flaw in the nickname handling that can cause a server denial of service and may allow arbitrary code execution. Exploitation details are not provided in the available documents; no specific exploit vectors...
Quake 2 Lithium mode format string bug
Format string bug on parsing player's nickname...
Quake 2 Lithium Mod V 1.24 Macro Expansion Vuln?
Well I ran quake 2 using Lithium mod V 1.24 under OllyDBG and it seems that the lithium II mod for quake 2 latest PATCH 3.20 is parsing the '' in nicks. My well crafted nickname '999fffff' is being pushed onto the stack as 004144A1 |. 68 E821AF00 PUSH QUAKE2.00AF21E8 ; ASCII "0.000000 0.000000...
CVE-2002-0770
Quake 2 Q2 server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand "$" macros, which causes the server to expand the macros and leak the information, as demonstrated...
CVE-2002-0770
Quake 2 Q2 server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand "$" macros, which causes the server to expand the macros and leak the information, as demonstrated...
CVE-2002-0770
The CVE-2002-0770 issue affects Quake II server 3.20/3.21, where a client can trigger the server to expand a variable like "$rcon_password" due to console variable expansion on unexpanded client input. This information leakage enables attackers to obtain sensitive credentials and potentially take...
CVE-1999-1229
Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file...
CVE-1999-1230
Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself...
CVE-1999-1230
CVE-1999-1230 affects the Quake 2 server. A remote attacker can cause a denial of service by sending a spoofed UDP packet with a source address of 127.0.0.1, triggering the server to attempt a connection to itself. The provided documents explicitly describe the vulnerability and impact but do not...
CVE-1999-1229
The CVE-1999-1229 issue affects the Quake 2 server 3.13 on Linux, where the server does not properly validate config.cfg permissions, allowing a local user to read arbitrary files via a symlink from config.cfg to the target file. The root cause is an insufficient permission check for the configur...
CVE-1999-1229
Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file...
CVE-1999-1230
Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself...