cbcvebase.

Id Software Quake Ii Server vulnerabilities

4 known vulnerabilities affecting id_software/quake_ii_server.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2004-2592P4MEDIUMCVSS 5.0PoCv3.20v3.212004-12-31
CVE-2004-2592 [MEDIUM] CWE-20 CVE-2004-2592: Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a modified client that asks the server to send data stored at a negative array offset, which is not handled when processing Configstrings and Baselines.
nvd
CVE-2004-2593P4HIGHCVSS 7.5v3.20v3.212004-12-31
CVE-2004-2593 [HIGH] CVE-2004-2593: Buffer overflow in command-packet processing of Quake II server before R1Q2, as used in multiple pro Buffer overflow in command-packet processing of Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a packet with a long cmd_args buffer.
nvd
CVE-2004-2597P4MEDIUMCVSS 5.0v3.20v3.212004-12-31
CVE-2004-2597 [MEDIUM] CVE-2004-2597: Quake II server before R1Q2, as used in multiple products, allows remote attackers to bypass IP-base Quake II server before R1Q2, as used in multiple products, allows remote attackers to bypass IP-based access control rules via a userinfo string that already contains an "ip" key/value pair but is also long enough to cause a new key/value pair to be truncated, which interferes with the server's ability to find the client's IP address.
nvd
CVE-2004-2596P4MEDIUMCVSS 5.0v3.20v3.212004-12-31
CVE-2004-2596 [MEDIUM] CWE-20 CVE-2004-2596: Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (exhaustion of connection slots) via a large number of connections from the same IP address.
nvd