Lucene search

[email protected]CVE-2006-2399

HistoryMay 16, 2006 - 1:02 a.m.

CVE-2006-2399

2006-05-1601:02:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2006-2399

buffer overflow

denial of service

remote code execution

outgun

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

High

0.1 Low

EPSS

Percentile

94.9%

JSON

Stack-based buffer overflow in the ServerNetworking::incoming_client_data function in servnet.cpp in Outgun 1.0.3 bot 2 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a data_file_request command with a long (1) type or (2) name string.

Affected configurations

NVD

Node

outgunoutgunRange≤1.0.3_bot_2

outgunoutgunMatch1.0

outgunoutgunMatch1.0.3

CPENameOperatorVersion
outgun:outgunoutgunle1.0.3_bot_2
outgun:outgunoutguneq1.0
outgun:outgunoutguneq1.0.3

CPE	Name	Operator	Version
outgun:outgun	outgun	le	1.0.3_bot_2
outgun:outgun	outgun	eq	1.0
outgun:outgun	outgun	eq	1.0.3

References

aluigi.altervista.org/adv/outgunx-adv.txt

secunia.com/advisories/20098

securityreason.com/securityalert/898

www.securityfocus.com/archive/1/433932/100/0/threaded

www.securityfocus.com/bid/17985

www.vupen.com/english/advisories/2006/1796

exchange.xforce.ibmcloud.com/vulnerabilities/26509

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

High

0.1 Low

EPSS

Percentile

94.9%

JSON

Related for CVE-2006-2399

prion1 cvelist1 nvd1