Quake Ii Server
Approved changes feed: RSS · Atom
cpe:2.3:a:id_software:quake_ii_server:3.21:*:*:*:*:*:*:*
part: a version: 3.21 update: *
| Vendor | Id Software (b3578cac-594e-5b0b-a037-8ea975d8ca14) |
|---|---|
| Product | Quake Ii Server (94b23d2b-a74e-5c19-8eaa-cdb3f08fc4df) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2004-2599 |
not_vulnerable | 2026-06-03 14:26:48.114830 |
Details available
Multiple buffer overflows in Quake II server before R1Q2, as used in multiple products, allow local users to cause a denial of service (application crash) via the server console or rcon.
Published: 2005-11-29T02:00:00.000Z
Updated: 2024-08-08T01:29:14.075Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-2598 |
not_vulnerable | 2026-06-03 14:26:48.114534 |
Details available
Quake II server before R1Q2, as used in multiple products, allows remote attackers to corrupt the server's client state data structure by exiting a session without a valid disconnect command, then reconnecting, which prevents a mod from being notified of changes in the client state. NOTE: the impact of this issue will vary depending on which mod is being used.
Published: 2005-11-29T02:00:00.000Z
Updated: 2024-09-16T19:55:57.891Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-2597 |
vulnerable | 2026-06-03 14:26:48.114239 |
Details available
Quake II server before R1Q2, as used in multiple products, allows remote attackers to bypass IP-based access control rules via a userinfo string that already contains an "ip" key/value pair but is also long enough to cause a new key/value pair to be truncated, which interferes with the server's ability to find the client's IP address.
Published: 2005-11-29T02:00:00.000Z
Updated: 2024-08-08T01:29:14.085Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-2596 |
vulnerable | 2026-06-03 14:26:48.113888 |
Details available
Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (exhaustion of connection slots) via a large number of connections from the same IP address.
Published: 2005-11-29T02:00:00.000Z
Updated: 2024-08-08T01:29:14.124Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-2593 |
vulnerable | 2026-06-03 14:26:48.108745 |
Details available
Buffer overflow in command-packet processing of Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a packet with a long cmd_args buffer.
Published: 2005-11-29T02:00:00.000Z
Updated: 2024-08-08T01:29:14.217Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-2592 |
vulnerable | 2026-06-03 14:26:48.108311 |
Details available
Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a modified client that asks the server to send data stored at a negative array offset, which is not handled when processing Configstrings and Baselines.
Published: 2005-11-29T02:00:00.000Z
Updated: 2024-08-08T01:29:14.122Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.