Vulnerabilities > CVE-2000-0969 - Unspecified vulnerability in Valve Software Half-Life Dedicated Server 3.1.3

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

valve-software

critical

NVD

Published: 2000-12-19

Updated: 2017-10-10

Summary

Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon.

Vulnerable Configurations

Part	Description	Count
Application	Valve_Software Valve Software Half Life Dedicated Server 3.1.3	1

References

http://archives.neohapsis.com/archives/bugtraq/2000-10/0254.html
http://archives.neohapsis.com/archives/bugtraq/2000-10/0409.html
http://www.osvdb.org/6983
http://www.securityfocus.com/archive/1/141060
https://exchange.xforce.ibmcloud.com/vulnerabilities/5413