CVE-2006-4006
EPSS 11.9%Published: 8/7/2006Modified: 4/28/2026
Description
The do_gameinfo function in BomberClone 0.11.6 and earlier, and possibly other functions, does not reset the packet data size, which causes the send_pkg function (packets.c) to use this data size when sending a reply, and allows remote attackers to read portions of server memory.
Affected packages (1)
- Debian/bomberclonefrom 0, < 0.11.7-1