CVE-2005-0369
published 2005-05-02CVE-2005-0369: Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to cause a denial of service (application crash) via a packet…
PriorityP421medium5.3CVSS 3.1
AVNACLPRNUINSUCNINAL
EXPLOIT
EPSS
3.55%
87.8th percentile
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to cause a denial of service (application crash) via a packet with a large (1) descriptor ID or (2) claim_id, which exceeds the boundaries of an array.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| armagetronad | armagetron | <= 0.2.6.0 | — |
| armagetronad | armagetron_advanced | <= 0.2.7.0 | — |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
CWE
Improper Validation of Specified Index, Position, or Offset in Input
mitre_cwe
CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input
CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input
The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties.
Often, indexable resources such as memory buffers or files can be accessed using a specific position, index, or offset, such as an index for an array or a position for a file. When untrusted input is not properly validated before it is used as an index, attackers could access (or attempt to access) unauthorized portions of these resources. This could be used to cause buffer overflows, excessive resource allocation, or trigger unexpected failures.
Modes of
CWE
Improper Validation of Array Index
mitre_cwe
CWE-129 Improper Validation of Array Index
CWE-129: Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Integrity, Availability. Impact: DoS: Crash, Exit, or Restart. Use of an index that is outside the bounds of an array will very likely result in the corruption of relevant memory and perhaps instructions, leading to a crash, if the values are outside of the valid memory area.
Scope: Integrity. Impact: Modify Memory. If the memory corrupted is data, rather than instructions, the system will continue to function with improper values.
Scope: Confidentiality, Integrity.
2005-05-02
Published