CyberSec.Space Logo
返回 CVE 浏览器

CVE-2000-0969

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1390%
EPSS Percentile27.41th
Published2000年12月19日
Last Modified2026年4月16日

Vulnerability Description

Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon.

Affected Platforms (CPE)

📦
Valve Software

Half Life Dedicated Server

= 3.1.3

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2000-10/0254.html
🔗 http://archives.neohapsis.com/archives/bugtraq/2000-10/0409.html
🔗 http://www.osvdb.org/6983
🔗 http://www.securityfocus.com/archive/1/141060
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5413
🔗 http://archives.neohapsis.com/archives/bugtraq/2000-10/0254.html
🔗 http://archives.neohapsis.com/archives/bugtraq/2000-10/0409.html
🔗 http://www.osvdb.org/6983

相关漏洞威胁

CVE-2000-096810.0

Buffer overflow in Half Life dedicated server before build 3104 allows remote attackers to execute arbitrary commands via a long r...

CVE-2003-13255.2

The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 and earlier allows remote auth...

CVE-2007-54774.3

Cross-site scripting (XSS) vulnerability in auth.w in djeyl.net WebMod 0.48 Half-Life Dedicated Server plugin allows remote attack...

CVE-2006-07344.0

The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.6 and earlier allows remote authenti...