Bomberclone : Security vulnerabilities, CVEs

Copy

CVE-2006-4006

The do_gameinfo function in BomberClone 0.11.6 and earlier, and possibly other functions, does not reset the packet data size, which causes the send_pkg function (packets.c) to use this data size when sending a reply, and allows remote attackers to read portions of server memory.

Max CVSS

5.0

EPSS Score

7.10%

Published

2006-08-07

Updated

2017-07-20

CVE-2006-4005

BomberClone 0.11.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via (1) a certain malformed PKGF_ackreq packet, which triggers a crash in the rscache_add() function in pkgcache.c; and (2) an error packet, which is intended to be received by clients and force client shutdown, but also triggers server shutdown.

Max CVSS

5.0

EPSS Score

6.70%

Published

2006-08-07

Updated

2017-07-20

CVE-2006-0460

Public exploit

Multiple buffer overflows in BomberClone before 0.11.6.2 allow remote attackers to execute arbitrary code via long error messages.

Max CVSS

7.5

EPSS Score

87.01%

Published

2006-02-17

Updated

2017-07-20

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!