Strix
26.1K

CVE-2006-2408

UnknownEPSS 6.03%

Last modified

CVE-2006-2408 is a vulnerability of currently unknown severity. Multiple buffer overflows in Raydium before SVN revision 310 allow remote attackers to execute arbitrary code via a large packet when logged via (1) the raydium_log function in log.c or (2) the raydium_console_line_add function in console.c, possibly from a long player name.. EPSS estimates a 6.03% chance of exploitation in the next 30 days.

Description

Multiple buffer overflows in Raydium before SVN revision 310 allow remote attackers to execute arbitrary code via a large packet when logged via (1) the raydium_log function in log.c or (2) the raydium_console_line_add function in console.c, possibly from a long player name.

Metrics

EPSS Probability
6.03%

92.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
RaydiumRaydiumsvn_revision_283
RaydiumRaydiumsvn_revision_284
RaydiumRaydiumsvn_revision_285
RaydiumRaydiumsvn_revision_286
RaydiumRaydiumsvn_revision_287
RaydiumRaydiumsvn_revision_288
RaydiumRaydiumsvn_revision_289
RaydiumRaydiumsvn_revision_290
RaydiumRaydiumsvn_revision_291
RaydiumRaydiumsvn_revision_292
RaydiumRaydiumsvn_revision_293
RaydiumRaydiumsvn_revision_294
RaydiumRaydiumsvn_revision_295
RaydiumRaydiumsvn_revision_296
RaydiumRaydiumsvn_revision_297
RaydiumRaydiumsvn_revision_298
RaydiumRaydiumsvn_revision_299
RaydiumRaydiumsvn_revision_300
RaydiumRaydiumsvn_revision_301
RaydiumRaydiumsvn_revision_302
RaydiumRaydiumsvn_revision_303
RaydiumRaydiumsvn_revision_304
RaydiumRaydiumsvn_revision_305
RaydiumRaydiumsvn_revision_306
RaydiumRaydiumsvn_revision_307
RaydiumRaydiumsvn_revision_308
RaydiumRaydiumsvn_revision_309

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2006-2408?
Multiple buffer overflows in Raydium before SVN revision 310 allow remote attackers to execute arbitrary code via a large packet when logged via (1) the raydium_log function in log.c or (2) the raydium_console_line_add function in console.c, possibly from a long player name.
How severe is CVE-2006-2408?
Severity scoring for CVE-2006-2408 is pending analysis. The EPSS model estimates a 6.03% probability of exploitation in the next 30 days.
How do I fix CVE-2006-2408?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-2408?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST