Vulnerabilities > CVE-2004-1667 - Remote Denial Of Service vulnerability in Gearbox Software Halo Combat Evolved Game Server

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

gearbox-software

NVD

Published: 2004-09-09

Updated: 2017-07-11

Summary

Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote attackers to cause a denial of service (server crash) via a long client response.

Vulnerable Configurations

Part	Description	Count
Application	Gearbox_Software Gearbox Software Halo Combat Evolved 1.2 Gearbox Software Halo Combat Evolved 1.4 Gearbox Software Halo Combat Evolved 1.31	3

References

http://aluigi.altervista.org/adv/haloboom-adv.txt
http://marc.info/?l=bugtraq&m=109479695022024&w=2
http://secunia.com/advisories/12504
http://www.bungie.net/News/Story.aspx?link=hpc105
http://www.securityfocus.com/bid/11147
https://exchange.xforce.ibmcloud.com/vulnerabilities/17310