CVE-2006-0176

xmame - Buffer Overflow via Long Command Line Arguments

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2006-0176. PoCs published by Qnix, xwings.

AI-analyzed exploit summary This exploit leverages a local buffer overflow in Xmame 0.102 via the '-lang' argument to execute arbitrary shellcode, resulting in a root shell. The exploit calculates the stack pointer and overwrites the return address with a NOP sled followed by shellcode.

Description

Buffer overflow in certain functions in src/fileio.c and src/unix/fileio.c in xmame before 11 January 2006 may allow local users to gain privileges via a long (1) -lang, (2) -ctrlr, (3) -pb, or (4) -rec argument on many operating systems, and via a long (5) -jdev argument on Ubuntu Linux.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Qnix · clocallinux
https://www.exploit-db.com/exploits/1415

This exploit leverages a local buffer overflow in Xmame 0.102 via the '-lang' argument to execute arbitrary shellcode, resulting in a root shell. The exploit calculates the stack pointer and overwrites the return address with a NOP sled followed by shellcode.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Xmame 0.102
No auth needed
Prerequisites: Local access to the target system · Xmame 0.102 installed · Execution permissions for the Xmame binary
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by xwings · rubylocallinux
https://www.exploit-db.com/exploits/1412

This exploit targets a buffer overflow vulnerability in xmame 0.102 via the '-lang' command-line argument. It uses a 49-byte shellcode to spawn a shell by leveraging a stack-based overflow with a NOP sled and return address overwrite.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: xmame 0.102
No auth needed
Prerequisites: xmame 0.102 installed on a vulnerable system · ability to execute the exploit locally
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Various Sources x_refsource_confirm
http://x.mame.net/changes-unix.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/421849/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24102
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/16203

Scores

EPSS 0.0098
EPSS Percentile 57.7%

Details

Status published
Products (1)
xmame/xmame 0.102
Published Jan 11, 2006
Tracked Since Feb 18, 2026