Details of VAR-199905-0051

ID

VAR-199905-0051

CVE

CVE-1999-1566

TITLE

iParty Conferencing Server Remote Denial of Service Attack Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-199905-021

DESCRIPTION

Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters. A buffer overflow condition has been discovered in the Intel iParty server. The server will need to be restarted to regain normal functionality. This issue may be due to a buffer overrun, potentially resulting in arbitrary code execution. This possibility has not been confirmed. iParty is a small voice conference chat program developed by Intel Experimental Technologies Department. The iParty meeting service daemon does not correctly handle the malformed requests submitted by users. Remote attackers can use this vulnerability to carry out denial-of-service attacks on the meeting service system

Trust: 1.26

sources: NVD: CVE-1999-1566 // BID: 6844 // VULHUB: VHN-1547

AFFECTED PRODUCTS

vendor:	intel	model:	iparty	scope:	lte	version:	1.2	Trust: 1.0
vendor:	intel	model:	iparty	scope:	eq	version:	1.2	Trust: 0.6
vendor:	intel	model:	iparty conferencing server	scope:	eq	version:	1.2	Trust: 0.3

sources: BID: 6844 // CNNVD: CNNVD-199905-021 // NVD: CVE-1999-1566

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-1999-1566
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-199905-021
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-1547
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-1999-1566
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-1547
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-1547 // CNNVD: CNNVD-199905-021 // NVD: CVE-1999-1566

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-1566

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199905-021

TYPE

Boundary Condition Error

Trust: 0.9

sources: BID: 6844 // CNNVD: CNNVD-199905-021

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-1547

EXTERNAL IDS

db:	NVD	id:	CVE-1999-1566	Trust: 2.0
db:	CNNVD	id:	CNNVD-199905-021	Trust: 0.7
db:	BUGTRAQ	id:	19990508 IPARTY DAEMON VULNERABILITY W/ EXPLOIT CODE (WORSE THAN THOUGHT?)	Trust: 0.6
db:	NSFOCUS	id:	4402	Trust: 0.6
db:	BID	id:	6844	Trust: 0.4
db:	SEEBUG	id:	SSVID-76059	Trust: 0.1
db:	EXPLOIT-DB	id:	22250	Trust: 0.1
db:	VULHUB	id:	VHN-1547	Trust: 0.1

sources: VULHUB: VHN-1547 // BID: 6844 // CNNVD: CNNVD-199905-021 // NVD: CVE-1999-1566

REFERENCES

url:	http://www.securityfocus.com/archive/1/13600	Trust: 1.7
url:	http://www.nsfocus.net/vulndb/4402	Trust: 0.6
url:	http://online.securityfocus.com/archive/1/13600	Trust: 0.3

sources: VULHUB: VHN-1547 // BID: 6844 // CNNVD: CNNVD-199905-021 // NVD: CVE-1999-1566

CREDITS

wh00t X※ bugtraq2@hotmail.com

Trust: 0.6

sources: CNNVD: CNNVD-199905-021

SOURCES

db:	VULHUB	id:	VHN-1547
db:	BID	id:	6844
db:	CNNVD	id:	CNNVD-199905-021
db:	NVD	id:	CVE-1999-1566

LAST UPDATE DATE

2024-08-14T14:16:25.650000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-1547	date:	2008-09-05T00:00:00
db:	BID	id:	6844	date:	2009-07-11T20:06:00
db:	CNNVD	id:	CNNVD-199905-021	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-1999-1566	date:	2008-09-05T20:19:49.880

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-1547	date:	1999-05-08T00:00:00
db:	BID	id:	6844	date:	1999-05-08T00:00:00
db:	CNNVD	id:	CNNVD-199905-021	date:	1999-05-08T00:00:00
db:	NVD	id:	CVE-1999-1566	date:	1999-05-08T04:00:00