Lucene search
RootSSV:11772HistoryJul 09, 2009 - 12:00 a.m.
Eggdrop servmsg.c远程拒绝服务漏洞
2009-07-0900:00:00
Root
www.seebug.org
9
0.049 Low
EPSS
Percentile
92.8%
BUGTRAQ ID: 34985
CVE(CAN) ID: CVE-2009-1789
Eggdrop是一款用C语言编写的开源IRC bot。
Eggdrop的Server模块(/mod/server.mod/servrmsg.c)中没有正确地处理用户所发送的私人消息。如果ctcpbuf 为“""”的话,消息中最后一个参数为负数,这可能导致服务器崩溃。成功利用这个漏洞要求攻击者能够连接到Eggdrop所在的IRC网络。
Eggheads Eggdrop IRC bot 1.6.19
厂商补丁:
Eggheads
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
PRIVMSG eggdrop :\1\1
Related
securityvulns
securityvulns
eggdrop / windrop IRC client DoS
2009-05-18 00:00:00
openvas
openvas
Eggdrop 'ctcpbuf' Remote Denial Of Service Vulnerability
2009-05-16 00:00:00
Eggdrop < 1.6.19+ctcpfix Remote DoS Vulnerability
2009-05-16 00:00:00
Fedora Core 10 FEDORA-2009-5572 (eggdrop)
2009-06-05 00:00:00
nessus
nessus
FreeBSD : eggdrop -- denial of service vulnerability (399f4cd7-4d59-11de-8811-0030843d3802)
2009-06-01 00:00:00
Debian DSA-1826-1 : eggdrop - several vulnerabilities
2010-02-24 00:00:00
Fedora 9 : eggdrop-1.6.19-4.fc9 (2009-5568)
2009-05-28 00:00:00
freebsd
freebsd
eggdrop -- denial of service vulnerability
2009-05-15 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: eggdrop-1.6.19-4.fc10
2009-05-28 08:03:42
[SECURITY] Fedora 9 Update: eggdrop-1.6.19-4.fc9
2009-05-28 08:02:55
nvd
nvd
CVE-2009-1789
2009-05-26 16:30:02
debiancve
debiancve
CVE-2009-1789
2009-05-26 16:30:02
cve
cve
CVE-2009-1789
2009-05-26 16:30:02
osv
osv
eggdrop - several vulnerabilities
2009-07-04 00:00:00
prion
prion
Design/Logic Flaw
2009-05-26 16:30:00
debian
debian
[SECURITY] [DSA 1826-1] New eggdrop packages fix several vulnerabilities
2009-07-04 02:53:03
cvelist
cvelist
CVE-2009-1789
2009-05-26 16:00:00
ubuntucve
ubuntucve
CVE-2009-1789
2009-05-26 00:00:00