Search...

CVE-2004-1576

2004-12-31T05:00:00

ID CVE-2004-1576
Type cve
Reporter cve@mitre.org
Modified 2017-07-11T01:31:00

Description

Format string vulnerability in Judge Dredd: Dredd vs. Death 1.01 and earlier allows remote attackers to cause a denial of service (application crash) via format string specifiers in a chat message.

JSON Vulners Source

Initial Source

{"id": "CVE-2004-1576", "bulletinFamily": "NVD", "title": "CVE-2004-1576", "description": "Format string vulnerability in Judge Dredd: Dredd vs. Death 1.01 and earlier allows remote attackers to cause a denial of service (application crash) via format string specifiers in a chat message.", "published": "2004-12-31T05:00:00", "modified": "2017-07-11T01:31:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1576", "reporter": "cve@mitre.org", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/17579", "http://secunia.com/advisories/12710", "http://marc.info/?l=bugtraq&m=109674541519610&w=2"], "cvelist": ["CVE-2004-1576"], "type": "cve", "lastseen": "2019-05-29T18:08:03", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "2a704ad1eed89a61cf0f1c46254eb545"}, {"key": "cvss", "hash": "41b62a8aa1ee5c40897717cadc30784a"}, {"key": "cvss2", "hash": "85fc9715d07b57d9e72056856b007c7b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "91fd2691eb6709e8887f1ead087d88a0"}, {"key": "href", "hash": "47988ce31b40ec713d3cda3f2026642a"}, {"key": "modified", "hash": "523ab2b584257b356b93ab54fd2d1554"}, {"key": "published", "hash": "3f051342f862f2833e883053d29ea929"}, {"key": "references", "hash": "33d82cbb8343cca1fc1ae9168a27c640"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "b648ba10ed825ed52b13e362f6f1f7c7"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "1140bbc8f460bfc5cff1b103bef0be3ee287c3428a193fbcba086a24dbf45d17", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:10473"]}], "modified": "2019-05-29T18:08:03"}, "score": {"value": 5.2, "vector": "NONE", "modified": "2019-05-29T18:08:03"}, "vulnersScore": 5.2}, "objectVersion": "1.3", "cpe": [], "affectedSoftware": [], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": [], "cwe": ["NVD-CWE-Other"]}

{"osvdb": [{"lastseen": "2017-04-28T13:20:05", "bulletinFamily": "software", "description": "## Vulnerability Description\nJudge Dredd: Dredd vs. Death contains a flaw that may allow a remote denial of service. The issue is triggered when user sends a specially crafted chat message to the server, and will result in loss of availability for the server.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nJudge Dredd: Dredd vs. Death contains a flaw that may allow a remote denial of service. The issue is triggered when user sends a specially crafted chat message to the server, and will result in loss of availability for the server.\n## Manual Testing Notes\nLaunch a client and connect to the server, join the server, and send the following chat message (by default pressing the 'T' key): \n\n%n%n%n%n%n \n\nThe server will crash immediately. \n\nYou can do the same check running only the server and sending the chat \nmessage from the same computer.\n## References:\nVendor URL: http://www.dreddvsdeath.com\n[Secunia Advisory ID:12710](https://secuniaresearch.flexerasoftware.com/advisories/12710/)\nOther Advisory URL: http://aluigi.altervista.org/adv/dreddfs-adv.txt\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-10/0016.html\n[CVE-2004-1576](https://vulners.com/cve/CVE-2004-1576)\n", "modified": "2004-10-02T07:55:04", "published": "2004-10-02T07:55:04", "href": "https://vulners.com/osvdb/OSVDB:10473", "id": "OSVDB:10473", "type": "osvdb", "title": "Judge Dredd Client Message Handling Format String DoS", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}