CVE-2008-2748

EPSS 12.68%
Veröffentlicht 18.06.2008 19:41:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Skulltag 0.97d2-RC2 and earlier allows remote attackers to cause a denial of service (daemon hang) via a series of long, malformed connect packets, related to these packets being "parsed multiple times."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Skulltag Team ≫ Skulltag Version0.95c

Skulltag Team ≫ Skulltag Version0.95d

Skulltag Team ≫ Skulltag Version0.95e

Skulltag Team ≫ Skulltag Version0.95f

Skulltag Team ≫ Skulltag Version0.95g

Skulltag Team ≫ Skulltag Version0.95h

Skulltag Team ≫ Skulltag Version0.95i

Skulltag Team ≫ Skulltag Version0.95j

Skulltag Team ≫ Skulltag Version0.95k

Skulltag Team ≫ Skulltag Version0.96b

Skulltag Team ≫ Skulltag Version0.96c

Skulltag Team ≫ Skulltag Version0.96d

Skulltag Team ≫ Skulltag Version0.96e

Skulltag Team ≫ Skulltag Version0.96f

Skulltag Team ≫ Skulltag Version0.97b

Skulltag Team ≫ Skulltag Version0.97c

Skulltag Team ≫ Skulltag Version0.97c2

Skulltag Team ≫ Skulltag Version0.97c3

Skulltag Team ≫ Skulltag Version0.97d

Skulltag Team ≫ Skulltag Version0.97d Updatebeta_1

Skulltag Team ≫ Skulltag Version0.97d Updatebeta_2

Skulltag Team ≫ Skulltag Version0.97d Updatebeta_3

Skulltag Team ≫ Skulltag Version0.97d Updatebeta_4

Skulltag Team ≫ Skulltag Version0.97d Updatebeta_4.1

Skulltag Team ≫ Skulltag Version0.97d Updatebeta_4.2

Skulltag Team ≫ Skulltag Version0.97d Updatebeta_4.3

Skulltag Team ≫ Skulltag Version0.97d Updaterc10

Skulltag Team ≫ Skulltag Version0.97d Updaterc9

Skulltag Team ≫ Skulltag Version0.97d2 Updaterc2

Skulltag Team ≫ Skulltag Version0.97d2 Updaterc3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	12.68%	0.938

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://aluigi.org/poc/skulltagloop.zip

http://secunia.com/advisories/30668

Vendor Advisory

http://securityreason.com/securityalert/3953

http://skulltag.com/testing/public/Skulltag%20Version%20History.txt

http://www.securityfocus.com/archive/1/493386/100/0/threaded

http://www.securityfocus.com/bid/29760

https://exchange.xforce.ibmcloud.com/vulnerabilities/43125

https://nvd.nist.gov/vuln/detail/CVE-2008-2748

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-2748

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-2748

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2008-2748