| Vulnerability Name: | CVE-2004-2596 (CCN-17894) | ||||||||
| Assigned: | 2004-10-27 | ||||||||
| Published: | 2004-10-27 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (exhaustion of connection slots) via a large number of connections from the same IP address. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||
| Vulnerability Type: | CWE-20 | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: BUGTRAQ Type: UNKNOWN 20041027 Multiple Vulnerabilites in Quake II Server Source: MITRE Type: CNA CVE-2004-2596 Source: CCN Type: SA13013 Quake2 Engine Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory 13013 Source: MISC Type: Vendor Advisory http://secur1ty.net/advisories/001 Source: CCN Type: r1ch.net Security Advisory, 2004-10-27 Multiple Vulnerabilites in Quake II Server Source: CCN Type: SECTRACK ID: 1011979 Quake II Has Multiple Bugs That Let Remote Users Obtain Information, Deny Service, and Possibly Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN 1011979 Source: CONFIRM Type: UNKNOWN http://web.archive.org/web/20041130092749/www.r1ch.net/stuff/r1q2/ Source: CCN Type: Quake Web site Quake III: Gold Source: CCN Type: OSVDB ID: 11185 Quake 2 Server Spoofed Client DoS Source: CCN Type: r1ch.net Web site R1Q2 - R1CHs Hacked Quake II Client/Server Source: BID Type: UNKNOWN 11551 Source: CCN Type: BID-11551 ID Software Quake II Server Multiple Remote Vulnerabilities Source: XF Type: UNKNOWN quake-mult-conn-dos(17894) Source: XF Type: UNKNOWN quake-mult-conn-dos(17894) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||