CVE-2006-0734

Name of the Vulnerable Software and Affected Versions Half-Life CSTRIKE Dedicated Server version 1.6 and earlier

Description The issue allows remote authenticated users to cause a denial of service, resulting in an infinite loop and daemon hang. This is achieved by sending a connection string with a backslash character at the end to UDP port 27015, exploiting the SV CheckForDuplicateNames function.

Recommendations For Half-Life CSTRIKE Dedicated Server version 1.6 and earlier, as a temporary workaround, consider restricting access to the SV CheckForDuplicateNames function until a patch is available. Avoid using backslash characters at the end of connection strings to UDP port 27015 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.