CVE-2006-2393

Empire 4.3.2 - Denial of Service via Long Text Strings in Client Buffer

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2393. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This entry is a stub referencing a binary exploit for Empire <= 4.3.2, claiming a DoS via strncat. No actual code is provided, only a link to a binary exploit archive.

Description

The client_cmd function in Empire 4.3.2 and earlier allows remote attackers to cause a denial of service (application crash) by causing long text strings to be appended to the player->client buffer, which causes an invalid memory access.

Exploits (1)

exploitdb STUB VERIFIED
by Luigi Auriemma · textdoswindows
https://www.exploit-db.com/exploits/1782

This entry is a stub referencing a binary exploit for Empire <= 4.3.2, claiming a DoS via strncat. No actual code is provided, only a link to a binary exploit archive.

Classification
Stub 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Empire <= 4.3.2
No auth needed
Prerequisites: Access to the Empire server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Exploit, Patch x_refsource_misc
http://aluigi.altervista.org/adv/empiredos-adv.txt
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/433940/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26525
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20094
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/896
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1798

Scores

EPSS 0.0376
EPSS Percentile 88.5%

Details

Status published
Products (2)
empire_server/empire_server 4.3.0
empire_server/empire_server 4.3.2
Published May 16, 2006
Tracked Since Feb 18, 2026