CVE-2005-0199

Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow.
Configurations

Configuration 1 (hide)

cpe:2.3:a:barton:ngircd:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:54

Type Values Removed Values Added
References () http://arthur.ath.cx/pipermail/ngircd-ml/2005-January/000228.html - Broken Link, Patch () http://arthur.ath.cx/pipermail/ngircd-ml/2005-January/000228.html - Broken Link, Patch
References () http://bugs.gentoo.org/show_bug.cgi?id=79705 - Issue Tracking () http://bugs.gentoo.org/show_bug.cgi?id=79705 - Issue Tracking
References () http://secunia.com/advisories/14056 - Broken Link () http://secunia.com/advisories/14056 - Broken Link
References () http://secunia.com/advisories/14059 - Broken Link () http://secunia.com/advisories/14059 - Broken Link
References () http://securitytracker.com/id?1013047 - Broken Link, Third Party Advisory, VDB Entry () http://securitytracker.com/id?1013047 - Broken Link, Third Party Advisory, VDB Entry
References () http://www.gentoo.org/security/en/glsa/glsa-200501-40.xml - Patch, Third Party Advisory () http://www.gentoo.org/security/en/glsa/glsa-200501-40.xml - Patch, Third Party Advisory
References () http://www.securityfocus.com/bid/12397 - Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/12397 - Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/19143 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/19143 - Third Party Advisory, VDB Entry

08 Feb 2024, 15:43

Type Values Removed Values Added
References (GENTOO) http://www.gentoo.org/security/en/glsa/glsa-200501-40.xml - Patch (GENTOO) http://www.gentoo.org/security/en/glsa/glsa-200501-40.xml - Patch, Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/14056 - (SECUNIA) http://secunia.com/advisories/14056 - Broken Link
References (MLIST) http://arthur.ath.cx/pipermail/ngircd-ml/2005-January/000228.html - Patch (MLIST) http://arthur.ath.cx/pipermail/ngircd-ml/2005-January/000228.html - Broken Link, Patch
References (SECTRACK) http://securitytracker.com/id?1013047 - (SECTRACK) http://securitytracker.com/id?1013047 - Broken Link, Third Party Advisory, VDB Entry
References (BID) http://www.securityfocus.com/bid/12397 - Exploit, Patch (BID) http://www.securityfocus.com/bid/12397 - Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/19143 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/19143 - Third Party Advisory, VDB Entry
References (SECUNIA) http://secunia.com/advisories/14059 - (SECUNIA) http://secunia.com/advisories/14059 - Broken Link
References (CONFIRM) http://bugs.gentoo.org/show_bug.cgi?id=79705 - Vendor Advisory (CONFIRM) http://bugs.gentoo.org/show_bug.cgi?id=79705 - Issue Tracking
CWE NVD-CWE-Other CWE-191
First Time Barton
Barton ngircd
CPE cpe:2.3:a:ngircd:ngircd:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:ngircd:ngircd:0.6:*:*:*:*:*:*:*
cpe:2.3:a:ngircd:ngircd:0.7.6:*:*:*:*:*:*:*
cpe:2.3:a:ngircd:ngircd:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:ngircd:ngircd:0.7:*:*:*:*:*:*:*
cpe:2.3:a:ngircd:ngircd:0.7.7:*:*:*:*:*:*:*
cpe:2.3:a:ngircd:ngircd:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:ngircd:ngircd:0.8:*:*:*:*:*:*:*
cpe:2.3:a:ngircd:ngircd:0.7.5:*:*:*:*:*:*:*
cpe:2.3:a:barton:ngircd:*:*:*:*:*:*:*:*
CVSS v2 : 7.5
v3 : unknown
v2 : 7.5
v3 : 9.8

Information

Published : 2005-05-02 04:00

Updated : 2024-11-20 23:54


NVD link : CVE-2005-0199

Mitre link : CVE-2005-0199

CVE.ORG link : CVE-2005-0199


JSON object : View

Products Affected

barton

  • ngircd
CWE
CWE-191

Integer Underflow (Wrap or Wraparound)