PT-2004-2310 · Monolith Productions+1 · Contract Jack+4

Luigi Auriemma · Published 2004-12-31 · Updated 2017-07-11 · CVE-2004-1395

CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions:
Lithtech engine versions used in Contract Jack 1.1 and earlier
Lithtech engine versions used in No One Lives Forever 2 1.3 and earlier
Lithtech engine versions used in Tron 2.0 1.042 and earlier
F.E.A.R. (First Encounter Assault and Recon)
Description: The issue allows remote attackers to cause a denial of service in which the server refuses connections. A UDP packet that makes the recvfrom function return a code other than "Operation would block" causes the listening loop to exit. Zero-byte packets, or packets with a size between 8193 and 12280 bytes, produce such a condition.
Recommendations:
For Contract Jack version 1.1 and earlier, update to a version later than 1.1 to resolve the issue.
For No One Lives Forever 2 version 1.3 and earlier, update to a version later than 1.3 to resolve the issue.
For Tron 2.0 version 1.042 and earlier, update to a version later than 1.042 to resolve the issue.
For F.E.A.R. (First Encounter Assault and Recon), at the moment, there is no information about a newer version that contains a fix for this issue.
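The failure mode in the description comes down to how a receive loop classifies recvfrom results. The sketch below is an added example, not Lithtech code: it shows a loop that stops only on "would block" or an unrecoverable error and keeps listening after empty or oversized datagrams. It assumes POSIX sockets on Linux (MSG_TRUNC semantics); the 8192-byte buffer and all names are hypothetical.

```c
#include <errno.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

#define RECV_BUF 8192 /* assumed: the advisory's oversized range starts at 8193 */

struct rx_stats { int handled, empty, oversized, transient; };

/* Drain every queued datagram. Returns 0 once the queue is empty
 * ("would block"), -1 only for an error the socket cannot recover from. */
int drain_socket(int fd, struct rx_stats *st)
{
    char buf[RECV_BUF];
    for (;;) {
        /* MSG_TRUNC (Linux): report the datagram's real length even if truncated. */
        ssize_t n = recvfrom(fd, buf, sizeof buf, MSG_DONTWAIT | MSG_TRUNC, NULL, NULL);
        if (n < 0) {
            if (errno == EAGAIN || errno == EWOULDBLOCK) return 0;
            if (errno == EINTR || errno == EMSGSIZE || errno == ECONNREFUSED) {
                st->transient++;   /* per-datagram condition: keep listening */
                continue;
            }
            return -1;
        }
        if (n == 0) { st->empty++; continue; }                     /* zero-byte packet */
        if ((size_t)n > sizeof buf) { st->oversized++; continue; } /* too large: drop */
        st->handled++;             /* a real server would parse buf[0..n) here */
    }
}

/* Constructed input: one empty, one 9000-byte and one ordinary datagram,
 * sent over a local socket pair so the demo needs no network. */
int demo(struct rx_stats *st)
{
    static char big[9000];
    int sv[2];
    memset(st, 0, sizeof *st);
    if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) != 0) return -1;
    if (send(sv[0], "", 0, 0) != 0) return -1;
    if (send(sv[0], big, sizeof big, 0) != (ssize_t)sizeof big) return -1;
    if (send(sv[0], "hello", 5, 0) != 5) return -1;
    int rc = drain_socket(sv[1], st);
    close(sv[0]);
    close(sv[1]);
    return rc;
}

int main(void) { struct rx_stats st; return demo(&st) == 0 && st.handled == 1 ? 0 : 1; }
```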

Related Identifiers

CVE-2004-1395

Affected Products

Contract Jack
F.E.A.R.
Lithtech
No One Lives Forever 2
Tron 2.0