Valve Software : Security Vulnerabilities, CVEs, (Denial of service) CVSS score >= 2
Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow attackers to execute arbitrary code or cause a denial of service via unspecified input related to geolocation, which triggers an error message from the (1) geoip_code2 or (2) geoip_code3 function, leading to a buffer overflow.
Max CVSS
7.5
EPSS Score
1.13%
Published
2007-10-30
Updated
2012-10-30
The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.6 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a backslash character at the end of a connection string to UDP port 27015.
Max CVSS
4.0
EPSS Score
0.41%
Published
2006-02-16
Updated
2017-07-20
The Half-Life engine before July 7 2004 allows remote attackers to cause a denial of service (server or client crash) via an empty fragmented packet.
Max CVSS
5.0
EPSS Score
1.12%
Published
2004-07-27
Updated
2017-07-11
The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a certain connection string to UDP port 27015 that represents "absence of player informations," a related issue to CVE-2006-0734.
Max CVSS
5.2
EPSS Score
0.07%
Published
2003-12-31
Updated
2008-09-05
Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which reaches the player limit and prevents other players from connecting until the original responses have timed out.
Max CVSS
5.0
EPSS Score
3.34%
Published
2002-10-04
Updated
2008-09-05
5 vulnerabilities found