CVE-2004-2705 — Pvpgn vulnerability

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

0.6%

top 31.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Pvpgn Debian Pvpgn

Timeline

PublishedDec 31

Latest updateApr 29

Description

Unspecified vulnerability in Player vs. Player Gaming Network (PvPGN) before 1.6.4 allows remote attackers to obtain attributes of arbitrary accounts, including the password hash, via certain statsreq packets.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/pvpgn< pvpgn 1.6.4+20040826-1 (bookworm)

▶Debianpvpgn/pvpgn< 1.6.4+20040826-1+3

▶NVDpvpgn/pvpgn1.6.3+3

🔴Vulnerability Details

GHSA

GHSA-rrwg-cv62-hrxc: Unspecified vulnerability in Player vs↗2022-04-29

▶

OSV

CVE-2004-2705: Unspecified vulnerability in Player vs↗2004-12-31

▶

📋Vendor Advisories

Debian

CVE-2004-2705: pvpgn - Unspecified vulnerability in Player vs. Player Gaming Network (PvPGN) before 1.6...↗2004

▶