CVE-2000-0969

Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon.

Published: Dec 19, 2000
Updated: Apr 13, 2023
CVE: CVE-2000-0969
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
valve_software / half-life_dedicated_server	3.1.3	3.1.3.x

http://archives.neohapsis.com/archives/bugtraq/2000-10/0254.html
http://archives.neohapsis.com/archives/bugtraq/2000-10/0409.html
http://www.osvdb.org/6983
http://www.securityfocus.com/archive/1/141060
https://exchange.xforce.ibmcloud.com/vulnerabilities/5413

Vulnerability Database

289,697

CVE-2000-0969