CVE-2006-4006
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2006-4006
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2006-4006.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2006-4006
- Downstream
- Published
- 2006-08-07T19:04:00Z
- Modified
- 2025-08-09T20:01:26Z
- Summary
- [none]
- Details
-
The dogameinfo function in BomberClone 0.11.6 and earlier, and possibly other functions, does not reset the packet data size, which causes the sendpkg function (packets.c) to use this data size when sending a reply, and allows remote attackers to read portions of server memory.
- References
-
- http://aluigi.altervista.org/adv/bcloneboom-adv.txt
- http://secunia.com/advisories/21303
- http://secunia.com/advisories/21985
- http://www.debian.org/security/2006/dsa-1180
- http://www.vupen.com/english/advisories/2006/3067
- http://aluigi.org/poc/bcloneboom.zip
- http://www.securityfocus.com/bid/19255
- http://www.osvdb.org/27648
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28092