Computer Security
[EN] securityvulns.ru no-pyccku


eggdrop / windrop IRC client DoS
Published:18.05.2009
Source:
SecurityVulns ID:9912
Type:remote
Threat Level:
5/10
Description:Crash on empty privmsg message.
Affected:EGGDROP : eggdrop 1.6
 WINDROP : windrop 1.6
CVE:CVE-2009-1789 (mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807.)
Original documentdocumentThomas Sader, eggdrop/windrop remote crash vulnerability (18.05.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod