Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1855

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-1855
Last Modified 05 Sep 2008 04:42:32
Published 23 Mar 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1855

Summary

Dark Age of Camelot before 1.68 live patch does not sign the RSA public key, which could allow remote malicious servers to gain sensitive information via a man-in-the-middle attack.

Vulnerable Systems

Application

  • Mythic Entertainment Dark Age Of Camelot 1.60

  • Mythic Entertainment Dark Age Of Camelot 1.61

  • Mythic Entertainment Dark Age Of Camelot 1.62

  • Mythic Entertainment Dark Age Of Camelot 1.63

  • Mythic Entertainment Dark Age Of Camelot 1.65

  • Mythic Entertainment Dark Age Of Camelot 1.66

  • Mythic Entertainment Dark Age Of Camelot 1.67

  • Mythic Entertainment Dark Age Of Camelot 1.68


References

XF - daoc-login-mitm(15597)

BID - 9960

BUGTRAQ - 20040324 Dark Age of Camelot login client vulnerability to man in the middle

FULLDISC - 20040323 Dark Age of Camelot login client vulnerability to man in the middle attack

MISC - http://capnbry.net/daoc/advisory20040323/


Last Updated: 27 May 2016 10:39:12