Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

LWN.net Weekly Edition for November 20, 2008

LWN.net Weekly Edition for November 13, 2008

NLUUG/ELCE: Embedded devices and free software

Weekly edition	Kernel	Security	Distributions	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ

bomberclone: information disclosure and denial of service

Package(s):

bomberclone

CVE #(s):

CVE-2006-4005 CVE-2006-4006

Created:

September 19, 2006

Updated:

September 20, 2006

Description:

Luigi Auriemma discovered two security related bugs in bomberclone, a free Bomberman clone. The program copies remotely provided data unchecked which could lead to a denial of service via an application crash. Bomberclone uses remotely provided data as length argument which can lead to the disclosure of private information.

Alerts:

Debian

DSA-1180-1

2006-09-19

(Log in to post comments)

bomberclone: information disclosure and denial of service

Posted Sep 29, 2006 13:51 UTC (Fri) by nettings (subscriber, #429) [Link]

yeeeehah.

that's one denial-of-service vulnerability more for mindcraft to cite in its next "why-windows-is-more-secure-than-everyone-else" "study".

and while we sit sobbing in front of a smoking pile of bomberclone debris, our cubicle neighbors can enjoy another round of high-availability minesweeper. mean, mean world.