Описание
The do_gameinfo function in BomberClone 0.11.6 and earlier, and possibly other functions, does not reset the packet data size, which causes the send_pkg function (packets.c) to use this data size when sending a reply, and allows remote attackers to read portions of server memory.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 0.11.7-1 |
| edgy | released | 0.11.7-1 |
| feisty | released | 0.11.7-1 |
| gutsy | released | 0.11.7-1 |
| hardy | released | 0.11.7-1 |
| intrepid | released | 0.11.7-1 |
| jaunty | released | 0.11.7-1 |
| karmic | released | 0.11.7-1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
Связанные уязвимости
The do_gameinfo function in BomberClone 0.11.6 and earlier, and possibly other functions, does not reset the packet data size, which causes the send_pkg function (packets.c) to use this data size when sending a reply, and allows remote attackers to read portions of server memory.
The do_gameinfo function in BomberClone 0.11.6 and earlier, and possib ...
The do_gameinfo function in BomberClone 0.11.6 and earlier, and possibly other functions, does not reset the packet data size, which causes the send_pkg function (packets.c) to use this data size when sending a reply, and allows remote attackers to read portions of server memory.
EPSS
5 Medium
CVSS2