Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
8 vulnerabilities by monolith_productions
CVE-2007-5247 (GCVE-0-2007-5247)
Vulnerability from nvd – Published: 2007-10-06 17:00 – Updated: 2024-08-07 15:24
VLAI
EPSS
VEX
Summary
Multiple format string vulnerabilities in the Monolith Lithtech engine, as used by First Encounter Assault Recon (F.E.A.R.) 1.08 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in (1) a PB_Y packet to the YPG server on UDP port 27888 or (2) a PB_U packet to UCON on UDP port 27888, different vectors than CVE-2004-1500. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://osvdb.org/45530 | vdb-entryx_refsource_OSVDB |
| http://aluigi.altervista.org/adv/fearfspb-adv.txt | x_refsource_MISC |
| http://aluigi.org/poc/fearfspb.zip | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/481231/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/3197 | third-party-advisoryx_refsource_SREASON |
| http://osvdb.org/45531 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2007-10-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45530",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/45530"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/fearfspb-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/poc/fearfspb.zip"
},
{
"name": "20071001 Format string in F.E.A.R. 1.08 through PB",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/481231/100/0/threaded"
},
{
"name": "3197",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3197"
},
{
"name": "45531",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/45531"
},
{
"name": "fear-punkbuster-format-string(36900)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36900"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in the Monolith Lithtech engine, as used by First Encounter Assault Recon (F.E.A.R.) 1.08 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in (1) a PB_Y packet to the YPG server on UDP port 27888 or (2) a PB_U packet to UCON on UDP port 27888, different vectors than CVE-2004-1500. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "45530",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/45530"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/fearfspb-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/poc/fearfspb.zip"
},
{
"name": "20071001 Format string in F.E.A.R. 1.08 through PB",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/481231/100/0/threaded"
},
{
"name": "3197",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3197"
},
{
"name": "45531",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/45531"
},
{
"name": "fear-punkbuster-format-string(36900)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36900"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple format string vulnerabilities in the Monolith Lithtech engine, as used by First Encounter Assault Recon (F.E.A.R.) 1.08 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in (1) a PB_Y packet to the YPG server on UDP port 27888 or (2) a PB_U packet to UCON on UDP port 27888, different vectors than CVE-2004-1500. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45530",
"refsource": "OSVDB",
"url": "http://osvdb.org/45530"
},
{
"name": "http://aluigi.altervista.org/adv/fearfspb-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/fearfspb-adv.txt"
},
{
"name": "http://aluigi.org/poc/fearfspb.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/fearfspb.zip"
},
{
"name": "20071001 Format string in F.E.A.R. 1.08 through PB",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481231/100/0/threaded"
},
{
"name": "3197",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3197"
},
{
"name": "45531",
"refsource": "OSVDB",
"url": "http://osvdb.org/45531"
},
{
"name": "fear-punkbuster-format-string(36900)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36900"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5247",
"datePublished": "2007-10-06T17:00:00.000Z",
"dateReserved": "2007-10-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:24:42.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1395 (GCVE-0-2004-1395)
Vulnerability from nvd – Published: 2005-02-12 05:00 – Updated: 2024-08-08 00:53
VLAI
EPSS
VEX
Summary
The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) No one lives forever 2 1.3 and earlier, (3) Tron 2.0 1.042 and earlier, (4) F.E.A.R. (First Encounter Assault and Recon), and possibly other games, allows remote attackers to cause a denial of service (connection refused) via a UDP packet that causes recvfrom to generate a return code that causes the listening loop to exit, as demonstrated using zero byte packets or packets between 8193 and 12280 bytes, which result in conditions that are not "Operation would block."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/13446/ | third-party-advisoryx_refsource_SECUNIA |
| http://aluigi.altervista.org/adv/lithsock-adv.txt | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/17317 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/11902 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=110297515500671&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
Date Public
2004-12-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:53:22.689Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13446",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13446/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/lithsock-adv.txt"
},
{
"name": "lithtech-engine-communication-dos(18456)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18456"
},
{
"name": "20051021 F.E.A.R. 1.01 likes lithsock",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038095.html"
},
{
"name": "17317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17317"
},
{
"name": "11902",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11902"
},
{
"name": "20041213 Socket unreacheable in the Lithtech engine (new protocol)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110297515500671\u0026w=2"
},
{
"name": "20041213 Socket unreacheable in the Lithtech engine (new protocol)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/029932.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) No one lives forever 2 1.3 and earlier, (3) Tron 2.0 1.042 and earlier, (4) F.E.A.R. (First Encounter Assault and Recon), and possibly other games, allows remote attackers to cause a denial of service (connection refused) via a UDP packet that causes recvfrom to generate a return code that causes the listening loop to exit, as demonstrated using zero byte packets or packets between 8193 and 12280 bytes, which result in conditions that are not \"Operation would block.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13446",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13446/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/lithsock-adv.txt"
},
{
"name": "lithtech-engine-communication-dos(18456)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18456"
},
{
"name": "20051021 F.E.A.R. 1.01 likes lithsock",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038095.html"
},
{
"name": "17317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17317"
},
{
"name": "11902",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11902"
},
{
"name": "20041213 Socket unreacheable in the Lithtech engine (new protocol)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110297515500671\u0026w=2"
},
{
"name": "20041213 Socket unreacheable in the Lithtech engine (new protocol)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/029932.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1395",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) No one lives forever 2 1.3 and earlier, (3) Tron 2.0 1.042 and earlier, (4) F.E.A.R. (First Encounter Assault and Recon), and possibly other games, allows remote attackers to cause a denial of service (connection refused) via a UDP packet that causes recvfrom to generate a return code that causes the listening loop to exit, as demonstrated using zero byte packets or packets between 8193 and 12280 bytes, which result in conditions that are not \"Operation would block.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13446",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13446/"
},
{
"name": "http://aluigi.altervista.org/adv/lithsock-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/lithsock-adv.txt"
},
{
"name": "lithtech-engine-communication-dos(18456)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18456"
},
{
"name": "20051021 F.E.A.R. 1.01 likes lithsock",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038095.html"
},
{
"name": "17317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17317"
},
{
"name": "11902",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11902"
},
{
"name": "20041213 Socket unreacheable in the Lithtech engine (new protocol)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110297515500671\u0026w=2"
},
{
"name": "20041213 Socket unreacheable in the Lithtech engine (new protocol)",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/029932.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1395",
"datePublished": "2005-02-12T05:00:00.000Z",
"dateReserved": "2005-02-12T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:53:22.689Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1500 (GCVE-0-2004-1500)
Vulnerability from nvd – Published: 2005-02-19 05:00 – Updated: 2024-08-08 00:53
VLAI
EPSS
VEX
Summary
Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/11610 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/17317 | third-party-advisoryx_refsource_SECUNIA |
| http://aluigi.altervista.org/adv/lithfs-adv.txt | x_refsource_MISC |
| http://secunia.com/advisories/13116/ | third-party-advisoryx_refsource_SECUNIA |
| http://marc.info/?l=bugtraq&m=109969394601331&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2004-11-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:53:23.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11610",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11610"
},
{
"name": "lithtech-format-string(17972)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17972"
},
{
"name": "17317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17317"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/lithfs-adv.txt"
},
{
"name": "13116",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13116/"
},
{
"name": "20041105 In-game format string bug in the Lithtech engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109969394601331\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11610",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11610"
},
{
"name": "lithtech-format-string(17972)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17972"
},
{
"name": "17317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17317"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/lithfs-adv.txt"
},
{
"name": "13116",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13116/"
},
{
"name": "20041105 In-game format string bug in the Lithtech engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109969394601331\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11610",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11610"
},
{
"name": "lithtech-format-string(17972)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17972"
},
{
"name": "17317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17317"
},
{
"name": "http://aluigi.altervista.org/adv/lithfs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/lithfs-adv.txt"
},
{
"name": "13116",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13116/"
},
{
"name": "20041105 In-game format string bug in the Lithtech engine",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109969394601331\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1500",
"datePublished": "2005-02-19T05:00:00.000Z",
"dateReserved": "2005-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:53:23.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1587 (GCVE-0-2004-1587)
Vulnerability from nvd – Published: 2005-02-20 05:00 – Updated: 2024-08-08 00:53
VLAI
EPSS
VEX
Summary
Buffer overflow in Monolith games including (1) Alien versus Predator 2 1.0.9.6 and earlier, (2) Blood 2 2.1 and earlier, (3) No one lives forever 1.004 and earlier and (4) Shogo 2.2 and earlier allows remote attackers to cause a denial of service (application crash) via a long secure Gamespy query.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/11354 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://marc.info/?l=bugtraq&m=109728194025487&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://marc.info/?l=full-disclosure&m=10972707782… | mailing-listx_refsource_FULLDISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/12776/ | third-party-advisoryx_refsource_SECUNIA |
| http://securitytracker.com/alerts/2004/Oct/1011603.html | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/displayvuln.php?osvdb_id=10635 | vdb-entryx_refsource_OSVDB |
Date Public
2004-10-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:53:24.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11354",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11354"
},
{
"name": "shogo-long-query-bo(17670)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17670"
},
{
"name": "20041008 Limited \\secure\\ buffer-overflow in some old Monolith games",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109728194025487\u0026w=2"
},
{
"name": "20041008 Limited \\secure\\ buffer-overflow in some old Monolith games",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=109727077824860\u0026w=2"
},
{
"name": "nolf-long-query-bo(17669)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17669"
},
{
"name": "12776",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12776/"
},
{
"name": "1011603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2004/Oct/1011603.html"
},
{
"name": "avp2-long-query-bo(17665)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17665"
},
{
"name": "blood2-long-query-bo(17668)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17668"
},
{
"name": "10635",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=10635"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Monolith games including (1) Alien versus Predator 2 1.0.9.6 and earlier, (2) Blood 2 2.1 and earlier, (3) No one lives forever 1.004 and earlier and (4) Shogo 2.2 and earlier allows remote attackers to cause a denial of service (application crash) via a long secure Gamespy query."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11354",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11354"
},
{
"name": "shogo-long-query-bo(17670)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17670"
},
{
"name": "20041008 Limited \\secure\\ buffer-overflow in some old Monolith games",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109728194025487\u0026w=2"
},
{
"name": "20041008 Limited \\secure\\ buffer-overflow in some old Monolith games",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=109727077824860\u0026w=2"
},
{
"name": "nolf-long-query-bo(17669)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17669"
},
{
"name": "12776",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12776/"
},
{
"name": "1011603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2004/Oct/1011603.html"
},
{
"name": "avp2-long-query-bo(17665)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17665"
},
{
"name": "blood2-long-query-bo(17668)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17668"
},
{
"name": "10635",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=10635"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1587",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Monolith games including (1) Alien versus Predator 2 1.0.9.6 and earlier, (2) Blood 2 2.1 and earlier, (3) No one lives forever 1.004 and earlier and (4) Shogo 2.2 and earlier allows remote attackers to cause a denial of service (application crash) via a long secure Gamespy query."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11354",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11354"
},
{
"name": "shogo-long-query-bo(17670)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17670"
},
{
"name": "20041008 Limited \\secure\\ buffer-overflow in some old Monolith games",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109728194025487\u0026w=2"
},
{
"name": "20041008 Limited \\secure\\ buffer-overflow in some old Monolith games",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=109727077824860\u0026w=2"
},
{
"name": "nolf-long-query-bo(17669)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17669"
},
{
"name": "12776",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12776/"
},
{
"name": "1011603",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2004/Oct/1011603.html"
},
{
"name": "avp2-long-query-bo(17665)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17665"
},
{
"name": "blood2-long-query-bo(17668)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17668"
},
{
"name": "10635",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=10635"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1587",
"datePublished": "2005-02-20T05:00:00.000Z",
"dateReserved": "2005-02-20T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:53:24.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5247 (GCVE-0-2007-5247)
Vulnerability from cvelistv5 – Published: 2007-10-06 17:00 – Updated: 2024-08-07 15:24
VLAI
EPSS
VEX
Summary
Multiple format string vulnerabilities in the Monolith Lithtech engine, as used by First Encounter Assault Recon (F.E.A.R.) 1.08 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in (1) a PB_Y packet to the YPG server on UDP port 27888 or (2) a PB_U packet to UCON on UDP port 27888, different vectors than CVE-2004-1500. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://osvdb.org/45530 | vdb-entryx_refsource_OSVDB |
| http://aluigi.altervista.org/adv/fearfspb-adv.txt | x_refsource_MISC |
| http://aluigi.org/poc/fearfspb.zip | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/481231/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/3197 | third-party-advisoryx_refsource_SREASON |
| http://osvdb.org/45531 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2007-10-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45530",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/45530"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/fearfspb-adv.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.org/poc/fearfspb.zip"
},
{
"name": "20071001 Format string in F.E.A.R. 1.08 through PB",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/481231/100/0/threaded"
},
{
"name": "3197",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3197"
},
{
"name": "45531",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/45531"
},
{
"name": "fear-punkbuster-format-string(36900)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36900"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in the Monolith Lithtech engine, as used by First Encounter Assault Recon (F.E.A.R.) 1.08 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in (1) a PB_Y packet to the YPG server on UDP port 27888 or (2) a PB_U packet to UCON on UDP port 27888, different vectors than CVE-2004-1500. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "45530",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/45530"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/fearfspb-adv.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.org/poc/fearfspb.zip"
},
{
"name": "20071001 Format string in F.E.A.R. 1.08 through PB",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/481231/100/0/threaded"
},
{
"name": "3197",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3197"
},
{
"name": "45531",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/45531"
},
{
"name": "fear-punkbuster-format-string(36900)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36900"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple format string vulnerabilities in the Monolith Lithtech engine, as used by First Encounter Assault Recon (F.E.A.R.) 1.08 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in (1) a PB_Y packet to the YPG server on UDP port 27888 or (2) a PB_U packet to UCON on UDP port 27888, different vectors than CVE-2004-1500. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45530",
"refsource": "OSVDB",
"url": "http://osvdb.org/45530"
},
{
"name": "http://aluigi.altervista.org/adv/fearfspb-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/fearfspb-adv.txt"
},
{
"name": "http://aluigi.org/poc/fearfspb.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/fearfspb.zip"
},
{
"name": "20071001 Format string in F.E.A.R. 1.08 through PB",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481231/100/0/threaded"
},
{
"name": "3197",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3197"
},
{
"name": "45531",
"refsource": "OSVDB",
"url": "http://osvdb.org/45531"
},
{
"name": "fear-punkbuster-format-string(36900)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36900"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5247",
"datePublished": "2007-10-06T17:00:00.000Z",
"dateReserved": "2007-10-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:24:42.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1587 (GCVE-0-2004-1587)
Vulnerability from cvelistv5 – Published: 2005-02-20 05:00 – Updated: 2024-08-08 00:53
VLAI
EPSS
VEX
Summary
Buffer overflow in Monolith games including (1) Alien versus Predator 2 1.0.9.6 and earlier, (2) Blood 2 2.1 and earlier, (3) No one lives forever 1.004 and earlier and (4) Shogo 2.2 and earlier allows remote attackers to cause a denial of service (application crash) via a long secure Gamespy query.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/11354 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://marc.info/?l=bugtraq&m=109728194025487&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://marc.info/?l=full-disclosure&m=10972707782… | mailing-listx_refsource_FULLDISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/12776/ | third-party-advisoryx_refsource_SECUNIA |
| http://securitytracker.com/alerts/2004/Oct/1011603.html | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/displayvuln.php?osvdb_id=10635 | vdb-entryx_refsource_OSVDB |
Date Public
2004-10-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:53:24.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11354",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11354"
},
{
"name": "shogo-long-query-bo(17670)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17670"
},
{
"name": "20041008 Limited \\secure\\ buffer-overflow in some old Monolith games",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109728194025487\u0026w=2"
},
{
"name": "20041008 Limited \\secure\\ buffer-overflow in some old Monolith games",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=109727077824860\u0026w=2"
},
{
"name": "nolf-long-query-bo(17669)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17669"
},
{
"name": "12776",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12776/"
},
{
"name": "1011603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2004/Oct/1011603.html"
},
{
"name": "avp2-long-query-bo(17665)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17665"
},
{
"name": "blood2-long-query-bo(17668)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17668"
},
{
"name": "10635",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=10635"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Monolith games including (1) Alien versus Predator 2 1.0.9.6 and earlier, (2) Blood 2 2.1 and earlier, (3) No one lives forever 1.004 and earlier and (4) Shogo 2.2 and earlier allows remote attackers to cause a denial of service (application crash) via a long secure Gamespy query."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11354",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11354"
},
{
"name": "shogo-long-query-bo(17670)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17670"
},
{
"name": "20041008 Limited \\secure\\ buffer-overflow in some old Monolith games",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109728194025487\u0026w=2"
},
{
"name": "20041008 Limited \\secure\\ buffer-overflow in some old Monolith games",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=109727077824860\u0026w=2"
},
{
"name": "nolf-long-query-bo(17669)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17669"
},
{
"name": "12776",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12776/"
},
{
"name": "1011603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2004/Oct/1011603.html"
},
{
"name": "avp2-long-query-bo(17665)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17665"
},
{
"name": "blood2-long-query-bo(17668)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17668"
},
{
"name": "10635",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=10635"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1587",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Monolith games including (1) Alien versus Predator 2 1.0.9.6 and earlier, (2) Blood 2 2.1 and earlier, (3) No one lives forever 1.004 and earlier and (4) Shogo 2.2 and earlier allows remote attackers to cause a denial of service (application crash) via a long secure Gamespy query."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11354",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11354"
},
{
"name": "shogo-long-query-bo(17670)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17670"
},
{
"name": "20041008 Limited \\secure\\ buffer-overflow in some old Monolith games",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109728194025487\u0026w=2"
},
{
"name": "20041008 Limited \\secure\\ buffer-overflow in some old Monolith games",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=109727077824860\u0026w=2"
},
{
"name": "nolf-long-query-bo(17669)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17669"
},
{
"name": "12776",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12776/"
},
{
"name": "1011603",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2004/Oct/1011603.html"
},
{
"name": "avp2-long-query-bo(17665)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17665"
},
{
"name": "blood2-long-query-bo(17668)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17668"
},
{
"name": "10635",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=10635"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1587",
"datePublished": "2005-02-20T05:00:00.000Z",
"dateReserved": "2005-02-20T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:53:24.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1500 (GCVE-0-2004-1500)
Vulnerability from cvelistv5 – Published: 2005-02-19 05:00 – Updated: 2024-08-08 00:53
VLAI
EPSS
VEX
Summary
Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/11610 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/17317 | third-party-advisoryx_refsource_SECUNIA |
| http://aluigi.altervista.org/adv/lithfs-adv.txt | x_refsource_MISC |
| http://secunia.com/advisories/13116/ | third-party-advisoryx_refsource_SECUNIA |
| http://marc.info/?l=bugtraq&m=109969394601331&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2004-11-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:53:23.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11610",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11610"
},
{
"name": "lithtech-format-string(17972)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17972"
},
{
"name": "17317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17317"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/lithfs-adv.txt"
},
{
"name": "13116",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13116/"
},
{
"name": "20041105 In-game format string bug in the Lithtech engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109969394601331\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11610",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11610"
},
{
"name": "lithtech-format-string(17972)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17972"
},
{
"name": "17317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17317"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/lithfs-adv.txt"
},
{
"name": "13116",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13116/"
},
{
"name": "20041105 In-game format string bug in the Lithtech engine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109969394601331\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11610",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11610"
},
{
"name": "lithtech-format-string(17972)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17972"
},
{
"name": "17317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17317"
},
{
"name": "http://aluigi.altervista.org/adv/lithfs-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/lithfs-adv.txt"
},
{
"name": "13116",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13116/"
},
{
"name": "20041105 In-game format string bug in the Lithtech engine",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109969394601331\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1500",
"datePublished": "2005-02-19T05:00:00.000Z",
"dateReserved": "2005-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:53:23.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1395 (GCVE-0-2004-1395)
Vulnerability from cvelistv5 – Published: 2005-02-12 05:00 – Updated: 2024-08-08 00:53
VLAI
EPSS
VEX
Summary
The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) No one lives forever 2 1.3 and earlier, (3) Tron 2.0 1.042 and earlier, (4) F.E.A.R. (First Encounter Assault and Recon), and possibly other games, allows remote attackers to cause a denial of service (connection refused) via a UDP packet that causes recvfrom to generate a return code that causes the listening loop to exit, as demonstrated using zero byte packets or packets between 8193 and 12280 bytes, which result in conditions that are not "Operation would block."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/13446/ | third-party-advisoryx_refsource_SECUNIA |
| http://aluigi.altervista.org/adv/lithsock-adv.txt | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://secunia.com/advisories/17317 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/11902 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=110297515500671&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
Date Public
2004-12-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:53:22.689Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13446",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13446/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/lithsock-adv.txt"
},
{
"name": "lithtech-engine-communication-dos(18456)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18456"
},
{
"name": "20051021 F.E.A.R. 1.01 likes lithsock",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038095.html"
},
{
"name": "17317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17317"
},
{
"name": "11902",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11902"
},
{
"name": "20041213 Socket unreacheable in the Lithtech engine (new protocol)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110297515500671\u0026w=2"
},
{
"name": "20041213 Socket unreacheable in the Lithtech engine (new protocol)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/029932.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) No one lives forever 2 1.3 and earlier, (3) Tron 2.0 1.042 and earlier, (4) F.E.A.R. (First Encounter Assault and Recon), and possibly other games, allows remote attackers to cause a denial of service (connection refused) via a UDP packet that causes recvfrom to generate a return code that causes the listening loop to exit, as demonstrated using zero byte packets or packets between 8193 and 12280 bytes, which result in conditions that are not \"Operation would block.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13446",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13446/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/lithsock-adv.txt"
},
{
"name": "lithtech-engine-communication-dos(18456)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18456"
},
{
"name": "20051021 F.E.A.R. 1.01 likes lithsock",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038095.html"
},
{
"name": "17317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17317"
},
{
"name": "11902",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11902"
},
{
"name": "20041213 Socket unreacheable in the Lithtech engine (new protocol)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110297515500671\u0026w=2"
},
{
"name": "20041213 Socket unreacheable in the Lithtech engine (new protocol)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/029932.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1395",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) No one lives forever 2 1.3 and earlier, (3) Tron 2.0 1.042 and earlier, (4) F.E.A.R. (First Encounter Assault and Recon), and possibly other games, allows remote attackers to cause a denial of service (connection refused) via a UDP packet that causes recvfrom to generate a return code that causes the listening loop to exit, as demonstrated using zero byte packets or packets between 8193 and 12280 bytes, which result in conditions that are not \"Operation would block.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13446",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13446/"
},
{
"name": "http://aluigi.altervista.org/adv/lithsock-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/lithsock-adv.txt"
},
{
"name": "lithtech-engine-communication-dos(18456)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18456"
},
{
"name": "20051021 F.E.A.R. 1.01 likes lithsock",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038095.html"
},
{
"name": "17317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17317"
},
{
"name": "11902",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11902"
},
{
"name": "20041213 Socket unreacheable in the Lithtech engine (new protocol)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110297515500671\u0026w=2"
},
{
"name": "20041213 Socket unreacheable in the Lithtech engine (new protocol)",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/029932.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1395",
"datePublished": "2005-02-12T05:00:00.000Z",
"dateReserved": "2005-02-12T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:53:22.689Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}