CVE-2006-1744

NameCVE-2006-1744
DescriptionBuffer overflow in pl_main.c in sail in BSDgames before 2.17-7 allows local users to execute arbitrary code via a long player name that is used in a scanf function call.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1036-1
NVD severitymedium (attack range: local)
Debian Bugs360989

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
bsdgames (PTS)wheezy2.17-21fixed
jessie2.17-22fixed
stretch2.17-25fixed
buster, sid2.17-26fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
bsdgamessource(unstable)2.17-7medium360989
bsdgamessourcesarge2.7.59-7sarge1mediumDSA-1036-1
bsdgamessourcewoody2.13-7woody0mediumDSA-1036-1

Search for package or bug name: Reporting problems