CVE-2004-2598

Name of the Vulnerable Software and Affected Versions Quake II server versions prior to R1Q2

Description The issue allows remote attackers to corrupt the server's client state data structure by exiting a session without a valid disconnect command and then reconnecting. This prevents a mod from being notified of changes in the client state. The impact of this issue varies depending on the mod being used.

Recommendations For Quake II server versions prior to R1Q2, update to version R1Q2 or later to resolve the issue. As a temporary workaround, consider restricting reconnections without valid disconnect commands to minimize the risk of exploitation.