Vulnerabilities > CVE-2004-2595 - Unspecified vulnerability in ID Software Quake II Server Linux 3.20/3.21
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Absolute path traversal vulnerability in Quake II server before R1Q2 on Linux, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a download command with a full pathname for a directory in the argument, which causes the server to crash when it cannot read data.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://archives.neohapsis.com/archives/bugtraq/2004-10/0299.html
- http://archives.neohapsis.com/archives/bugtraq/2004-10/0299.html
- http://secunia.com/advisories/13013
- http://secunia.com/advisories/13013
- http://secur1ty.net/advisories/001
- http://secur1ty.net/advisories/001
- http://securitytracker.com/id?1011979
- http://securitytracker.com/id?1011979
- http://web.archive.org/web/20041130092749/www.r1ch.net/stuff/r1q2/
- http://web.archive.org/web/20041130092749/www.r1ch.net/stuff/r1q2/
- http://www.osvdb.org/11184
- http://www.osvdb.org/11184
- http://www.securityfocus.com/bid/11551
- http://www.securityfocus.com/bid/11551
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17893
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17893