CVE-2004-1216

Name of the Vulnerable Software and Affected Versions: Kreed versions 1.05 and earlier

Description: The issue allows remote attackers to cause a denial of service, resulting in a server freeze. This can be achieved by sending a long nickname or model type, which generates dialog boxes on the server. These dialog boxes must be manually handled before the server can continue the game.

Recommendations: For Kreed versions 1.05 and earlier, consider restricting the length of nickname and model type inputs to prevent the generation of excessive dialog boxes on the server. As a temporary workaround, limit the ability to send long inputs until a more permanent fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.