Vulnerability Details CVE-2006-1744
Buffer overflow in pl_main.c in sail in BSDgames before 2.17-7 allows local users to execute arbitrary code via a long player name that is used in a scanf function call.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.4%
CVSS Severity
CVSS v2 Score 4.6
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=360989
- http://secunia.com/advisories/19687
- http://securityreason.com/securityalert/736
- http://www.debian.org/security/2006/dsa-1036
- http://www.osvdb.org/24634
- http://www.pulltheplug.org/fu/?q=node/56
- http://www.securityfocus.com/bid/17401
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=360989
- http://secunia.com/advisories/19687
- http://securityreason.com/securityalert/736
- http://www.debian.org/security/2006/dsa-1036
- http://www.osvdb.org/24634
- http://www.pulltheplug.org/fu/?q=node/56
- http://www.securityfocus.com/bid/17401
Products affected by CVE-2006-1744
-
cpe:2.3:a:joey_hess:bsdgames:2.12
-
cpe:2.3:a:joey_hess:bsdgames:2.13
-
cpe:2.3:a:joey_hess:bsdgames:2.14
-
cpe:2.3:a:joey_hess:bsdgames:2.17
-
cpe:2.3:a:joey_hess:bsdgames:2.9