published date: October 4, 2002

CVE-2002-0964 : Denial of Service Vulnerability

Description

Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which reaches the player limit and prevents other players from connecting until the original responses have timed out.

Product(s):

Valve Software Half-Life 1.1.0.4 for Linux
Valve Software Half-Life 1.1.0.4 for Windows
Valve Software Half-Life 1.1.0.8
Valve Software Half-Life 1.1.0.9
Valve Software Half-Life 1.1.1.0
Valve Software Half-Life Dedicated Server
Valve Software Half-Life Dedicated Server 3.1.3

CVSS:5 [Critical]
EPSS:4.19%
Exploitability:10
In KEV:No

Question to Ask Vendors:

Can you confirm whether your systems are affected by CVE-2002-0964, and if so, what steps are you currently taking to mitigate this vulnerability?
What is your estimated timeline for fully resolving CVE-2002-0964 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions:

Check out the advisory links provided below.

References:

https://nvd.nist.gov/vuln/detail/CVE-2002-0964

READY TO GET RESULTS YOU CAN TRUST?

Get a Demo Contact Sales