Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2004-1395

Published: 31/12/2004 Updated: 11/07/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The Lithtech engine, as used in (1) Contract Jack 1.1 and previous versions, (2) No one lives forever 2 1.3 and previous versions, (3) Tron 2.0 1.042 and previous versions, (4) F.E.A.R. (First Encounter Assault and Recon), and possibly other games, allows remote malicious users to cause a denial of service (connection refused) via a UDP packet that causes recvfrom to generate a return code that causes the listening loop to exit, as demonstrated using zero byte packets or packets between 8193 and 12280 bytes, which result in conditions that are not "Operation would block."

Vulnerable Product Search on Vulmon Subscribe to Product

monolith productions tron 2.0.1.0

monolith productions tron 2.0.1.42

monolith productions contract jack 1.1

monolith productions no one lives forever 2 1.0.004

monolith productions no one lives forever 2 1.3

Exploits

Exploit DB: Lithtech Engine (new protocol) - Socket Unreacheable Denial of Service
/* by Luigi Auriemma */ #include <stdioh> #include <stdlibh> #include <stringh> #ifdef WIN32 #include <winsockh> /* Header file used for manage errors in Windows It support socket and errno too (this header replace the previous sock_errXh) */ #include <stringh> #include <errnoh> void s ...

References

NVD-CWE-Otherhttp://lists.grok.org.uk/pipermail/full-disclosure/2004-December/029932.htmlhttp://aluigi.altervista.org/adv/lithsock-adv.txthttp://www.securityfocus.com/bid/11902http://secunia.com/advisories/13446/http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038095.htmlhttp://secunia.com/advisories/17317http://marc.info/?l=bugtraq&m=110297515500671&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/18456https://nvd.nist.govhttps://www.exploit-db.com/exploits/683/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223CVE-2024-0044information disclosureCVE-2024-35753HTML injectionCVE-2024-21306CVE-2024-35733SQL injectionCVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook