Vulnerabilites related to fasttrack - kazaa
Vulnerability from fkie_nvd
Published
2002-06-25 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fasttrack:kazaa:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B1822B5C-7CF1-471A-BCEB-45C0B7D4557F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fasttrack:kazaa:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "952CFB2E-0EDC-42F7-AE61-FE24B788560E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fasttrack:kazaa:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BF80EB-9419-4DFE-981C-16A13BA2514D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fasttrack:kazaa:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2167462C-1EE2-4135-A3C7-B406B2B4B1BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:grokster:grokster:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1A111C90-0690-4959-A5A1-90DD92A29B47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:grokster:grokster:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6C612287-28B4-4076-9996-1612664A1197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:music_city_networks:morpheus:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "428A1F71-03EA-44CC-AE40-6FD6BA9BB842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:music_city_networks:morpheus:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C458BE-897A-4C88-BAB6-86755B896B89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message."
}
],
"id": "CVE-2002-0314",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-06-25T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=101441689224760\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8273.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=101441689224760\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8273.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4122"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-06-25 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=101441689224760&w=2 | ||
| cve@mitre.org | http://www.iss.net/security_center/static/8272.php | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/4121 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=101441689224760&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/8272.php | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/4121 | Exploit, Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fasttrack:kazaa:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B1822B5C-7CF1-471A-BCEB-45C0B7D4557F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fasttrack:kazaa:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "952CFB2E-0EDC-42F7-AE61-FE24B788560E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fasttrack:kazaa:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BF80EB-9419-4DFE-981C-16A13BA2514D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fasttrack:kazaa:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2167462C-1EE2-4135-A3C7-B406B2B4B1BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fasttrack:kazaa:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6683D8-EF86-46EF-86A8-3C6F9BAF63BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:grokster:grokster:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1A111C90-0690-4959-A5A1-90DD92A29B47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:grokster:grokster:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6C612287-28B4-4076-9996-1612664A1197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:music_city_networks:morpheus:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "428A1F71-03EA-44CC-AE40-6FD6BA9BB842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:music_city_networks:morpheus:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C458BE-897A-4C88-BAB6-86755B896B89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header."
}
],
"id": "CVE-2002-0315",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-06-25T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=101441689224760\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8272.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=101441689224760\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8272.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4121"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2002-0314 (GCVE-0-2002-0314)
Vulnerability from cvelistv5
Published
2002-05-03 04:00
Modified
2024-08-08 02:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=101441689224760&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.iss.net/security_center/static/8273.php | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/4122 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:42:29.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020222 Morpheus, Kazaa and Grokster Remote DoS. Also Identity faking vulnerability.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101441689224760\u0026w=2"
},
{
"name": "fasttrack-message-service-dos(8273)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8273.php"
},
{
"name": "4122",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4122"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-02-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020222 Morpheus, Kazaa and Grokster Remote DoS. Also Identity faking vulnerability.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101441689224760\u0026w=2"
},
{
"name": "fasttrack-message-service-dos(8273)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8273.php"
},
{
"name": "4122",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4122"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020222 Morpheus, Kazaa and Grokster Remote DoS. Also Identity faking vulnerability.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101441689224760\u0026w=2"
},
{
"name": "fasttrack-message-service-dos(8273)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8273.php"
},
{
"name": "4122",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4122"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0314",
"datePublished": "2002-05-03T04:00:00",
"dateReserved": "2002-05-01T00:00:00",
"dateUpdated": "2024-08-08T02:42:29.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0315 (GCVE-0-2002-0315)
Vulnerability from cvelistv5
Published
2002-05-03 04:00
Modified
2024-08-08 02:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=101441689224760&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.iss.net/security_center/static/8272.php | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/4121 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:42:29.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020222 Morpheus, Kazaa and Grokster Remote DoS. Also Identity faking vulnerability.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101441689224760\u0026w=2"
},
{
"name": "fasttrack-message-service-spoof(8272)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8272.php"
},
{
"name": "4121",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4121"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-02-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020222 Morpheus, Kazaa and Grokster Remote DoS. Also Identity faking vulnerability.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101441689224760\u0026w=2"
},
{
"name": "fasttrack-message-service-spoof(8272)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8272.php"
},
{
"name": "4121",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4121"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020222 Morpheus, Kazaa and Grokster Remote DoS. Also Identity faking vulnerability.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101441689224760\u0026w=2"
},
{
"name": "fasttrack-message-service-spoof(8272)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8272.php"
},
{
"name": "4121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4121"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0315",
"datePublished": "2002-05-03T04:00:00",
"dateReserved": "2002-05-01T00:00:00",
"dateUpdated": "2024-08-08T02:42:29.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}