Signature Detail
Short Name |
APP:BOMBER-BO |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Bomberclone Buffer Overflow |
Release Date |
2010/05/19 |
Update Number |
1685 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Bomberclone Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Bomberclone. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user that is running the application. This signature is based on the public PoC in the Metasploit Framework.
Extended Description
BomberClone is prone to a buffer-overflow vulnerability. This issue is due to a failure in the application to perform proper boundary checks on user-supplied data before storing it in a finite sized buffer. This issue may be exploited to execute arbitrary code in the context of the user who is running the application. Version 0.11.6.2 is vulnerable; other versions may also be affected.
Affected Products
- BomberClone 0.11.6.1
- BomberClone 0.11.6.2
- Debian Linux 3.1.0
- Debian Linux 3.1.0 Alpha
- Debian Linux 3.1.0 Amd64
- Debian Linux 3.1.0 Arm
- Debian Linux 3.1.0 Hppa
- Debian Linux 3.1.0 Ia-32
- Debian Linux 3.1.0 Ia-64
- Debian Linux 3.1.0 M68k
- Debian Linux 3.1.0 Mips
- Debian Linux 3.1.0 Mipsel
- Debian Linux 3.1.0 Ppc
- Debian Linux 3.1.0 S/390
- Debian Linux 3.1.0 Sparc
- Gentoo Linux
References
- BugTraq: 16697
- CVE: CVE-2006-0460