Lucene search

[email protected]CVE-2007-4532

HistoryAug 25, 2007 - 12:17 a.m.

CVE-2007-4532

2007-08-2500:17:00

[email protected]

web.nvd.nist.gov

"cve-2007-4532

soldat game server

dedicated server

denial of service

remote attack

udp packet

ip address spoofing"

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.6 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.4%

JSON

Soldat game server 1.4.2 and earlier, and dedicated server 2.6.2 and earlier, allows remote attackers to cause a denial of service (client lockout) via a series of UDP join packets from a spoofed IP address, which triggers temporary blacklisting of this IP address.

Affected configurations

NVD

Node

michal_marcinkowskisoldat_dedicated_serverRange≤2.6.2

michal_marcinkowskisoldat_game_serverRange≤1.4.2

CPENameOperatorVersion
michal_marcinkowski:soldat_dedicated_servermichal marcinkowski soldat dedicated serverle2.6.2
michal_marcinkowski:soldat_game_servermichal marcinkowski soldat game serverle1.4.2

CPE	Name	Operator	Version
michal_marcinkowski:soldat_dedicated_server	michal marcinkowski soldat dedicated server	le	2.6.2
michal_marcinkowski:soldat_game_server	michal marcinkowski soldat game server	le	1.4.2

References

aluigi.altervista.org/adv/soldatdos-adv.txt

aluigi.org/poc/soldatdos.zip

www.securityfocus.com/archive/1/477624/100/0/threaded

www.securityfocus.com/bid/25426

exchange.xforce.ibmcloud.com/vulnerabilities/36232

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.6 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.4%

JSON

Related for CVE-2007-4532

cvelist1 prion1 nvd1