Valve Software Half-Life Dedicated Server 3.1/4.1 – Information Disclosure/Denial of Service

Valve Software Half-Life Dedicated Server 3.1/4.1 – Information Disclosure/Denial of Service

漏洞ID 1054260 漏洞类型
发布时间 2003-11-19 更新时间 2003-11-19
图片[1]-Valve Software Half-Life Dedicated Server 3.1/4.1 – Information Disclosure/Denial of Service-安全小百科CVE编号 N/A
图片[2]-Valve Software Half-Life Dedicated Server 3.1/4.1 – Information Disclosure/Denial of Service-安全小百科CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/23388
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/9070/info

Half-Life dedicated server has been reported prone to an information disclosure vulnerability. This issue may also be exploited to deny service to legitimate users of the Half-Life dedicated server.

The issue presents itself due to a flaw in download functionality that is provided by the Half-Life dedicated server. It has been reported that a malicious attacker may exploit this functionality to download any file from the root folder of the current running game type, or from the valve folder.

cmd dlfile server.cfg
cmd dlfile addons/amx/users.ini
cmd dlfile addons/amx/mysql.cfg
cmd dlfile maps/de_torn.bsp

相关推荐: FreeBSD linprocfs Privileged Process Memory Disclosure Vulnerability

FreeBSD linprocfs Privileged Process Memory Disclosure Vulnerability 漏洞ID 1102977 漏洞类型 Access Validation Error 发布时间 2001-08-21 更新时…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享