Mythic Entertainment Dark Age of Camelo加密密钥签名漏洞

漏洞信息详情

Mythic Entertainment Dark Age of Camelo加密密钥签名漏洞

• CNNVD编号：CNNVD-200403-100
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2004-1855
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2004-03-23
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  mythic_entertainment
• 漏洞来源：
  Disclosure of this…

Dark Age of Camelot 1.68之前版本的live补丁存在无RSA公钥签名的漏洞。远程恶意服务器借助man-in-the-middle攻击获得敏感信息。

Upgrades are available that are not prone to this vulnerability. It should be noted that the vendor has neither confirmed or denied this issue.

来源: XF
名称: daoc-login-mitm(15597)
链接:http://xforce.iss.net/xforce/xfdb/15597

来源: BID
名称: 9960
链接:http://www.securityfocus.com/bid/9960

来源: BUGTRAQ
名称: 20040324 Dark Age of Camelot login client vulnerability to man in the middle
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=108016932816707&w=2

来源: FULLDISC
名称: 20040323 Dark Age of Camelot login client vulnerability to man in the middle attack
链接:http://lists.netsys.com/pipermail/full-disclosure/2004-March/019212.html

来源: capnbry.net
链接:http://capnbry.net/daoc/advisory20040323/