Lucene search

[email protected]CVE-2004-1216

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1216

2005-01-1005:00:00

[email protected]

web.nvd.nist.gov

kreed 1.05

denial of service

remote attackers

security vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.3%

JSON

The scripts that handle players in Kreed 1.05 and earlier allow remote attackers to cause a denial of service (server freeze) via a long (1) nickname or (2) model type, which generates dialog boxes on the server that must be manually handled before the server continues the game.

Affected configurations

NVD

Node

burutkreedMatch1.5

CPENameOperatorVersion
burut:kreedburut kreedeq1.5

CPE	Name	Operator	Version
burut:kreed	burut kreed	eq	1.5

References

marc.info/?l=bugtraq&m=110201776207915&w=2

www.securityfocus.com/bid/11799

exchange.xforce.ibmcloud.com/vulnerabilities/18345

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.3%

JSON

Related for CVE-2004-1216

cvelist1 nvd1