CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
83.1%
Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
Vendor | Product | Version | CPE |
---|---|---|---|
bnc | bnc | 2.2.4 | cpe:2.3:a:bnc:bnc:2.2.4:*:*:*:*:*:*:* |
bnc | bnc | 2.4.6 | cpe:2.3:a:bnc:bnc:2.4.6:*:*:*:*:*:*:* |
bnc | bnc | 2.4.8 | cpe:2.3:a:bnc:bnc:2.4.8:*:*:*:*:*:*:* |
bnc | bnc | 2.6 | cpe:2.3:a:bnc:bnc:2.6:*:*:*:*:*:*:* |
bnc | bnc | 2.6.2 | cpe:2.3:a:bnc:bnc:2.6.2:*:*:*:*:*:*:* |
bnc | bnc | 2.6.4 | cpe:2.3:a:bnc:bnc:2.6.4:*:*:*:*:*:*:* |
bnc | bnc | 2.8.8 | cpe:2.3:a:bnc:bnc:2.8.8:*:*:*:*:*:*:* |
bnc | bnc | 2.8.9 | cpe:2.3:a:bnc:bnc:2.8.9:*:*:*:*:*:*:* |
debian | debian_linux | 3.0 | cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:* |
debian | debian_linux | 3.0 | cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:* |