MidnightBSD

Advisories for monolith_productions

CVE-2004-1395 MEDIUM

The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) No one lives forever 2 1.3 and earlier, (3) Tron 2.0 1.042 and earlier, (4) F.E.A.R. (First Encounter Assault and Recon), and possibly other games, allows remote attackers to cause a denial of service (connection refused) via a UDP packet that causes recvfrom to generate a return code that causes the listening loop to exit, as demonstrated using zero byte packets or packets between 8193 and 12280 bytes, which result in conditions that are not "Operation would block."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
monolith_productions no_one_lives_forever_2 1.0.004
monolith_productions tron 2.0.1.0
monolith_productions tron 2.0.1.42
monolith_productions contract_jack 1.1
monolith_productions no_one_lives_forever_2 1.3
CVE-2004-1500 LOW

Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
monolith_productions sanity 1.0
freeform_interactive purge_jihad 2.2.1
monolith_productions shogo 2.2
monolith_productions global_operations 2.0
monolith_productions contract_jack 1.1
monolith_productions kiss_psycho_circus 1.13
monolith_productions blood 2.2.1
monolith_productions alien_versus_predator 2.1.0.9.6
monolith_productions global_operations 2.1
monolith_productions legends_of_might_and_magic 1.1
monolith_productions tron 2.0.1.42
monolith_productions no_one_lives_forever 2.1.3
monolith_productions no_one_lives_forever 1.0.004
CVE-2004-1587 MEDIUM

Buffer overflow in Monolith games including (1) Alien versus Predator 2 1.0.9.6 and earlier, (2) Blood 2 2.1 and earlier, (3) No one lives forever 1.004 and earlier and (4) Shogo 2.2 and earlier allows remote attackers to cause a denial of service (application crash) via a long secure Gamespy query.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
monolith_productions blood 2_2.1
monolith_productions alien_versus_predator 2.1.0.9.6
monolith_productions shogo 2.2
monolith_productions no_one_lives_forever 1.0.004