Vulnerability Name: | CVE-2006-4005 (CCN-28090) | ||||||||
Assigned: | 2006-07-30 | ||||||||
Published: | 2006-07-30 | ||||||||
Updated: | 2017-07-20 | ||||||||
Summary: | BomberClone 0.11.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via (1) a certain malformed PKGF_ackreq packet, which triggers a crash in the rscache_add() function in pkgcache.c; and (2) an error packet, which is intended to be received by clients and force client shutdown, but also triggers server shutdown. | ||||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:UR)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:UR)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Denial of Service | ||||||||
References: | Source: CCN Type: Luigi Auriemma Advisory 30 Jul 2006 Bugs in BomberClone 0.11.6 Source: MISC Type: Exploit, Vendor Advisory http://aluigi.altervista.org/adv/bcloneboom-adv.txt Source: MISC Type: Exploit http://aluigi.org/poc/bcloneboom.zip Source: MITRE Type: CNA CVE-2006-4005 Source: CCN Type: SA21303 BomberClone Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory 21303 Source: SECUNIA Type: UNKNOWN 21985 Source: CCN Type: BomberClone Web site BomberClone Source: DEBIAN Type: UNKNOWN DSA-1180 Source: DEBIAN Type: DSA-1180 bomberclone -- programming error Source: OSVDB Type: UNKNOWN 27647 Source: OSVDB Type: UNKNOWN 27649 Source: CCN Type: OSVDB ID: 27647 BomberClone rscache_add Crafted Packet Remote DoS Source: CCN Type: OSVDB ID: 27649 BomberClone Error Message Server Termination DoS Source: BID Type: Exploit 19255 Source: CCN Type: BID-19255 Bomberclone Multiple Remote Vulnerabilities Source: VUPEN Type: UNKNOWN ADV-2006-3067 Source: XF Type: UNKNOWN bomberclone-rscacheadd-dos(28090) Source: XF Type: UNKNOWN bomberclone-rscacheadd-dos(28090) Source: XF Type: UNKNOWN bomberclone-error-packet-dos(28093) | ||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
Vulnerability Name: | CVE-2006-4005 (CCN-28093) | ||||||||
Assigned: | 2006-07-30 | ||||||||
Published: | 2006-07-30 | ||||||||
Updated: | 2006-07-30 | ||||||||
Summary: | BomberClone is vulnerable to a denial of service attack. A remote attacker could send a specially-crafted error packet to cause the application to crash. | ||||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:UR)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:UR)
| ||||||||
Vulnerability Consequences: | Denial of Service | ||||||||
References: | Source: CCN Type: Luigi Auriemma Advisory 30 Jul 2006 Bugs in BomberClone 0.11.6 Source: MITRE Type: CNA CVE-2006-4005 Source: CCN Type: SA21303 BomberClone Multiple Vulnerabilities Source: CCN Type: BomberClone Web site BomberClone Source: DEBIAN Type: DSA-1180 bomberclone -- programming error Source: CCN Type: OSVDB ID: 27647 BomberClone rscache_add Crafted Packet Remote DoS Source: CCN Type: OSVDB ID: 27649 BomberClone Error Message Server Termination DoS Source: CCN Type: BID-19255 Bomberclone Multiple Remote Vulnerabilities Source: XF Type: UNKNOWN bomberclone-error-packet-dos(28093) | ||||||||
Oval Definitions | |||||||||
| |||||||||
BACK |