CVE-2006-2399

Outgun < 1.0.3_bot_2 - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in the ServerNetworking::incoming_client_data function in servnet.cpp in Outgun 1.0.3 bot 2 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a data_file_request command with a long (1) type or (2) name string.

Exploits (1)

exploitdb SUSPICIOUS

doswindows

https://www.exploit-db.com/exploits/1781

View Code ZIP pw:eip

References (7)

[Exploit] http://aluigi.altervista.org/adv/outgunx-adv.txt

[Exploit, Vendor Advisory] http://secunia.com/advisories/20098

[Exploit] http://www.securityfocus.com/bid/17985

[Vendor Advisory] http://www.vupen.com/english/advisories/2006/1796

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/26509

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/433932/100/0/threaded

[Third Party Advisory] http://securityreason.com/securityalert/898

Scores

EPSS 0.1398

EPSS Percentile 94.4%

Details

CWE

CWE-119

Status published

Products (3)

outgun/outgun 1.0

outgun/outgun 1.0.3

outgun/outgun < 1.0.3_bot_2

Published May 16, 2006

Tracked Since Feb 18, 2026