ID

VAR-199905-0051


CVE

CVE-1999-1566


TITLE

iParty Conferencing Server Remote Denial of Service Attack Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-199905-021

DESCRIPTION

Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters. A buffer overflow condition has been discovered in the Intel iParty server. The server will need to be restarted to regain normal functionality. This issue may be due to a buffer overrun, potentially resulting in arbitrary code execution. This possibility has not been confirmed. iParty is a small voice conference chat program developed by Intel Experimental Technologies Department. The iParty meeting service daemon does not correctly handle the malformed requests submitted by users. Remote attackers can use this vulnerability to carry out denial-of-service attacks on the meeting service system

Trust: 1.26

sources: NVD: CVE-1999-1566 // BID: 6844 // VULHUB: VHN-1547

AFFECTED PRODUCTS

vendor:intelmodel:ipartyscope:lteversion:1.2

Trust: 1.0

vendor:intelmodel:ipartyscope:eqversion:1.2

Trust: 0.6

vendor:intelmodel:iparty conferencing serverscope:eqversion:1.2

Trust: 0.3

sources: BID: 6844 // CNNVD: CNNVD-199905-021 // NVD: CVE-1999-1566

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-1566
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-199905-021
value: MEDIUM

Trust: 0.6

VULHUB: VHN-1547
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-1999-1566
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-1547
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-1547 // CNNVD: CNNVD-199905-021 // NVD: CVE-1999-1566

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-1566

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199905-021

TYPE

Boundary Condition Error

Trust: 0.9

sources: BID: 6844 // CNNVD: CNNVD-199905-021

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-1547

EXTERNAL IDS

db:NVDid:CVE-1999-1566

Trust: 2.0

db:CNNVDid:CNNVD-199905-021

Trust: 0.7

db:BUGTRAQid:19990508 IPARTY DAEMON VULNERABILITY W/ EXPLOIT CODE (WORSE THAN THOUGHT?)

Trust: 0.6

db:NSFOCUSid:4402

Trust: 0.6

db:BIDid:6844

Trust: 0.4

db:SEEBUGid:SSVID-76059

Trust: 0.1

db:EXPLOIT-DBid:22250

Trust: 0.1

db:VULHUBid:VHN-1547

Trust: 0.1

sources: VULHUB: VHN-1547 // BID: 6844 // CNNVD: CNNVD-199905-021 // NVD: CVE-1999-1566

REFERENCES

url:http://www.securityfocus.com/archive/1/13600

Trust: 2.7

url:http://www.nsfocus.net/vulndb/4402

Trust: 0.6

url:http://online.securityfocus.com/archive/1/13600

Trust: 0.3

sources: VULHUB: VHN-1547 // BID: 6844 // CNNVD: CNNVD-199905-021 // NVD: CVE-1999-1566

CREDITS

wh00t X※ bugtraq2@hotmail.com

Trust: 0.6

sources: CNNVD: CNNVD-199905-021

SOURCES

db:VULHUBid:VHN-1547
db:BIDid:6844
db:CNNVDid:CNNVD-199905-021
db:NVDid:CVE-1999-1566

LAST UPDATE DATE

2024-11-22T22:49:01.566000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-1547date:2008-09-05T00:00:00
db:BIDid:6844date:2009-07-11T20:06:00
db:CNNVDid:CNNVD-199905-021date:2005-10-20T00:00:00
db:NVDid:CVE-1999-1566date:2024-11-20T23:31:25.320

SOURCES RELEASE DATE

db:VULHUBid:VHN-1547date:1999-05-08T00:00:00
db:BIDid:6844date:1999-05-08T00:00:00
db:CNNVDid:CNNVD-199905-021date:1999-05-08T00:00:00
db:NVDid:CVE-1999-1566date:1999-05-08T04:00:00