Fedora 11 : alienarena-7.32-3.fc11 (2010-6132)

Fixes the following security issues: - By supplying various invalid parameters to the download command, it is possible to cause a DoS condition by causing the server to crash. A path ending in . or / will crash on Linux. Supplying a negative offset will cause a crash on all platforms. - Fix buffe...

Fedora 12 : alienarena-7.32-3.fc12.2 (2010-6068)

Fixes the following security issues: - By supplying various invalid parameters to the download command, it is possible to cause a DoS condition by causing the server to crash. A path ending in . or / will crash on Linux. Supplying a negative offset will cause a crash on all platforms. - Fix buffe...

CVE-2004-2597

Quake II server before R1Q2, as used in multiple products, allows remote attackers to bypass IP-based access control rules via a userinfo string that already contains an "ip" key/value pair but is also long enough to cause a new key/value pair to be truncated, which interferes with the server's...

CVE-2004-2599

CVE-2004-2599 affects the Quake II server prior to R1Q2. The issue is described as multiple buffer overflows in the server, allowing local users to crash the application via the server console or rcon (denial of service). The connected documents provide the affected product and vulnerability clas...

CVE-2004-2597

Technical details about CVE-2004-2597 are not publicly available in the provided connected documents. No specific affected products/versions or remediation are stated here. Monitor for updates.

CVE-2004-2595

CVE-2004-2595 affects the Quake II server on Linux before R1Q2. It is an absolute path traversal in the download command using a full pathname, causing the server to crash (denial of service). No remediation details are provided in the supplied documents.

CVE-2004-2593

Buffer overflow in command-packet processing of Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a packet with a long cmdargs buffer...

CVE-2004-2598

Affected software : Quake II server before R1Q2 (as used in multiple products). Vulnerability details : Remote attackers can corrupt the server’s client state data structure by exiting a session without a valid disconnect command and then reconnecting. This may prevent a mod from being notified o...

CVE-2004-2592

The CVE-2004-2592 issue affects the Quake II server before R1Q2, used in multiple products. It allows a remote attacker to trigger a denial of service (server/application crash) by a modified client that requests data stored at a negative array offset during processing of Configstrings and Baseli...