CVE-2004-0247
published 2004-11-23CVE-2004-0247: The client and server of Chaser 1.50 and earlier allow remote attackers to cause a denial of service (crash via exception) via a UDP packet with a length field…
PriorityP418medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
3.44%
87.5th percentile
The client and server of Chaser 1.50 and earlier allow remote attackers to cause a denial of service (crash via exception) via a UDP packet with a length field that is greater than the actual data length, which causes Chaser to read unexpected memory.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cauldron | chaser_client | — | — |
| cauldron | chaser_server | — | — |
| cauldron | chaser_server | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Cauldron Chaser 1.4/1.5 - Remote Denial of Service (1)
exploitdb·2004-02-03
CVE-2004-0247 Cauldron Chaser 1.4/1.5 - Remote Denial of Service (1)
Cauldron Chaser 1.4/1.5 - Remote Denial of Service (1)
---
source: https://www.securityfocus.com/bid/9567/info
Chaser has been reported to be prone to a denial of service vulnerability. This issue is caused by a lack of input validation of a size parameter specified in UDP network communication packets. The process will attempt to read the amount of data specified by the packet, without regard to the amount of memory allocated. This will cause an attempt by the application to dereference unallocated memory, producing an exception and causing the process to crash.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/23641.rar
Exploit-DB
Cauldron Chaser 1.4/1.5 - Remote Denial of Service (2)
exploitdb·2004-02-03
CVE-2004-0247 Cauldron Chaser 1.4/1.5 - Remote Denial of Service (2)
Cauldron Chaser 1.4/1.5 - Remote Denial of Service (2)
---
source: https://www.securityfocus.com/bid/9567/info
Chaser has been reported to be prone to a denial of service vulnerability. This issue is caused by a lack of input validation of a size parameter specified in UDP network communication packets. The process will attempt to read the amount of data specified by the packet, without regard to the amount of memory allocated. This will cause an attempt by the application to dereference unallocated memory, producing an exception and causing the process to crash.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/23642.rar
No writeups or analysis indexed.
2004-11-23
Published