Vulnerabilities > CVE-2006-2554 - Remote Buffer Overflow and Denial Of Service vulnerability in Genecys 0.2

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

genecys

exploit available

NVD

Published: 2006-05-24

Updated: 2018-10-18

Summary

Buffer overflow in the tell_player_surr_changes function in Genecys 0.2 and earlier might allow remote attackers to execute arbitrary code via long arguments.

Vulnerable Configurations

Part	Description	Count
Application	Genecys Genecys Genecys 0.2	1

Exploit-Db

description	Genecys. CVE-2006-2554,CVE-2006-2555. Dos exploit for windows platform
id	EDB-ID:1783
last seen	2016-01-31
modified	2006-05-14
published	2006-05-14
reporter	Luigi Auriemma
source	https://www.exploit-db.com/download/1783/
title	Genecys <= 0.2 - BoF/NULL pointer Denial of Service Exploit

References

http://aluigi.altervista.org/adv/genecysbof-adv.txt
http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046015.html
http://secunia.com/advisories/20099
http://securityreason.com/securityalert/944
http://www.osvdb.org/25481
http://www.securityfocus.com/archive/1/433929/30/5010/threaded
http://www.securityfocus.com/bid/17969
http://www.vupen.com/english/advisories/2006/1815
https://exchange.xforce.ibmcloud.com/vulnerabilities/26519