CVE-2006-0734

Valve Software Half-life Cstrike Dedicated Server - Memory Corruption

Title source: rule

Description

The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.6 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a backslash character at the end of a connection string to UDP port 27015.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Firestorm · perldosmultiple

https://www.exploit-db.com/exploits/1483

View Code ZIP pw:eip

References (3)

[Exploit] http://www.securityfocus.com/bid/16619

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/33505

[Third Party Advisory] http://aluigi.altervista.org/adv/csdos.txt

Scores

EPSS 0.0541

EPSS Percentile 90.2%

Details

CWE

CWE-119

Status published

Products (1)

valve_software/half-life_cstrike_dedicated_server < 1.6_linux

Published Feb 16, 2006

Tracked Since Feb 18, 2026