Info

Disclosure

Jul 30, 2006

Discovery

Unknown

Dates

Exploit

Jul 30, 2006

Solution

Unknown

Description

BomberClone contains a flaw that may allow a malicious user to crash the server. The issue is triggered when sending an error message packet (normaly sent to clients) to the server. It is possible that the flaw may cause the server to crash resulting in a loss of availability.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Available

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

BomberClone

0.11.6

References

Bugtraq ID: 19255
CVE ID: 2006-4005 (see also: NVD)
Secunia Advisory ID: 21303 21985
Related OSVDB ID: 27647 27648
Other Advisory URL: http://aluigi.altervista.org/adv/bcloneboom-adv.txt
Generic Exploit URL: http://aluigi.org/poc/bcloneboom.zip
Vendor URL: http://bomberclone.de/
Vendor Specific Advisory URL: http://www.us.debian.org/security/2006/dsa-1180

Credit

Luigi Auriemma - aluigialtervista.org - http://aluigi.altervista.org

Direct URL: http://osvdb.org/36218