Vulnerability Description
Dark Age of Camelot before 1.68 live patch does not sign the RSA public key, which could allow remote malicious servers to gain sensitive information via a man-in-the-middle attack.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mythic Entertainment | Dark Age Of Camelot | 1.60 |
References
- http://capnbry.net/daoc/advisory20040323/ExploitVendor Advisory
- http://lists.netsys.com/pipermail/full-disclosure/2004-March/019212.html
- http://marc.info/?l=bugtraq&m=108016932816707&w=2
- http://www.securityfocus.com/bid/9960ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15597
- http://capnbry.net/daoc/advisory20040323/ExploitVendor Advisory
- http://lists.netsys.com/pipermail/full-disclosure/2004-March/019212.html
- http://marc.info/?l=bugtraq&m=108016932816707&w=2
- http://www.securityfocus.com/bid/9960ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15597
FAQ
What is CVE-2004-1855?
CVE-2004-1855 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Dark Age of Camelot before 1.68 live patch does not sign the RSA public key, which could allow remote malicious servers to gain sensitive information via a man-in-the-middle attack.
How severe is CVE-2004-1855?
CVE-2004-1855 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1855?
Check the references section above for vendor advisories and patch information. Affected products include: Mythic Entertainment Dark Age Of Camelot.