Vulnerability Name:

CVE-1999-1566 (CCN-1416)

Assigned:1998-11-30
Published:1998-11-30
Updated:2008-09-05
Summary:Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.
CVSS v3 Severity:8.2 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): High
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
4.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
8.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:C)
6.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:C/E:U/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: BugTraq Mailing List, Mon, 30 Nov 1998 21:46:52
iParty can be shut down remotely

Source: CCN
Type: BugTraq Mailing List, Sat, 8 May 1999 13:11:34 EDT
iParty Daemon Vulnerability w/ Exploit Code (worse than thought?)

Source: MITRE
Type: CNA
CVE-1999-1566

Source: CCN
Type: OSVDB ID: 12653
iParty Client Extended Character Handling Remote Overflow DoS

Source: BUGTRAQ
Type: Exploit, Vendor Advisory
19990508 iParty Daemon Vulnerability w/ Exploit Code (worse than thought?)

Source: CCN
Type: BID-6844
iParty Conferencing Server Denial Of Service Vulnerability

Source: XF
Type: UNKNOWN
iparty-dos(1416)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:intel:iparty:*:*:*:*:*:*:*:* (Version <= 1.2)

  • Configuration CCN 1:
  • cpe:/a:intel:iparty:*:*:*:*:*:*:*:*
  • AND
  • cpe:/o:microsoft:windows_95:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_98:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_98se:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_me:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:xp:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:2003_server:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    intel iparty *
    intel iparty *
    microsoft windows 95 *
    microsoft windows nt 4.0
    microsoft windows 98 *
    microsoft windows 98se *
    microsoft windows 2000 *
    microsoft windows me *
    microsoft windows xp
    microsoft windows 2003_server