Vulnerability Details CVE-2000-0969
Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.027
EPSS Ranking 85.1%
CVSS Severity
CVSS v2 Score 10.0
References
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0254.html
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0409.html
- http://www.osvdb.org/6983
- http://www.securityfocus.com/archive/1/141060
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5413
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0254.html
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0409.html
- http://www.osvdb.org/6983
- http://www.securityfocus.com/archive/1/141060
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5413
Products affected by CVE-2000-0969
-
cpe:2.3:a:valve_software:half-life_dedicated_server:3.1.3