CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
97.1%
Stack-based buffer overflow in main.c in DConnect Daemon 0.7.0 and earlier allows remote attackers to execute arbitrary code via a large nickname, which is not properly handled by the listen_thread_udp function.
Vendor | Product | Version | CPE |
---|---|---|---|
dconnect | dconnect_daemon | 0.0.2 | cpe:2.3:a:dconnect:dconnect_daemon:0.0.2:*:*:*:*:*:*:* |
dconnect | dconnect_daemon | 0.0.3 | cpe:2.3:a:dconnect:dconnect_daemon:0.0.3:*:*:*:*:*:*:* |
dconnect | dconnect_daemon | 0.7.0 | cpe:2.3:a:dconnect:dconnect_daemon:0.7.0:*:*:*:*:*:*:* |
secunia.com/advisories/21384
securityreason.com/securityalert/1377
securitytracker.com/id?1016641
www.dc.ds.pg.gda.pl/
www.dc.ds.pg.gda.pl/?page=doc&doc=changelog
www.securityfocus.com/archive/1/442440/100/0/threaded
www.securityfocus.com/bid/19369
www.vupen.com/english/advisories/2006/3181
exchange.xforce.ibmcloud.com/vulnerabilities/28276