CVE-2002-0964

Description

Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which reaches the player limit and prevents other players from connecting until the original responses have timed out.

Affected products

• Valve Software / half-life1.1.0.4 – 1.1.0.4
• Valve Software / half-life1.1.0.4 – 1.1.0.4
• Valve Software / half-life1.1.0.8 – 1.1.0.8
• Valve Software / half-life1.1.0.9 – 1.1.0.9
• Valve Software / half-life1.1.1.0 – 1.1.1.0
• Valve Software / half-life_dedicated_server3.1
• Valve Software / half-life_dedicated_server3.1.3 – 3.1.3

References

• MISChttp://www.iss.net/security_center/static/9412.php
• MISChttp://www.securityfocus.com/bid/5076
• MISChttp://archives.neohapsis.com/archives/bugtraq/2002-06/0248.html