Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4584

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-4584
Last Modified 10 Sep 2008 03:53:01
Published 29 Dec 2005 06:03:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4584

Summary

BZFlag server 2.0.4 and earlier allows remote attackers to cause a denial of service (application crash) via a callsign that is not followed by a NULL (\0) character.

Vulnerable Systems

Application

  • Bzflag Server 1.10.0

  • Bzflag Server 1.10.2

  • Bzflag Server 1.10.4

  • Bzflag Server 1.10.6

  • Bzflag Server 1.10.8

  • Bzflag Server 1.7c Release 1

  • Bzflag Server 1.7c Release 2

  • Bzflag Server 1.7c Release 2 Patch 1

  • Bzflag Server 1.7c Release 2 Patch 2

  • Bzflag Server 1.7c Release 2 Patch 3

  • Bzflag Server 1.7d1

  • Bzflag Server 1.7d2

  • Bzflag Server 1.7d3

  • Bzflag Server 1.7d4

  • Bzflag Server 1.7d5

  • Bzflag Server 1.7d6

  • Bzflag Server 1.7d7

  • Bzflag Server 1.7d8

  • Bzflag Server 1.7d9

  • Bzflag Server 1.7e

  • Bzflag Server 1.7e1

  • Bzflag Server 1.7e2

  • Bzflag Server 1.7e4

  • Bzflag Server 1.7e6

  • Bzflag Server 1.7g0

  • Bzflag Server 1.7g2

  • Bzflag Server 2.0.0

  • Bzflag Server 2.0.2

  • Bzflag Server 2.0.4


References

BID - 16066

SECTRACK - 1015418

SECUNIA - 18238

MISC - http://cvs.sourceforge.net/viewcvs.py/*checkout*/bzflag/bzflag/ChangeLog?rev=2.103

MISC - http://aluigi.altervista.org/adv/bzflagboom-adv.txt

XF - bzflag-callsign-dos(23872)

OSVDB - 22036


Last Updated: 27 May 2016 10:41:22