Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow.
References
Link | Resource |
---|---|
http://arthur.ath.cx/pipermail/ngircd-ml/2005-January/000228.html | Broken Link Patch |
http://bugs.gentoo.org/show_bug.cgi?id=79705 | Issue Tracking |
http://secunia.com/advisories/14056 | Broken Link |
http://secunia.com/advisories/14059 | Broken Link |
http://securitytracker.com/id?1013047 | Broken Link Third Party Advisory VDB Entry |
http://www.gentoo.org/security/en/glsa/glsa-200501-40.xml | Patch Third Party Advisory |
http://www.securityfocus.com/bid/12397 | Broken Link Exploit Patch Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/19143 | Third Party Advisory VDB Entry |
Configurations
History
08 Feb 2024, 15:43
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-191 | |
References | (GENTOO) http://www.gentoo.org/security/en/glsa/glsa-200501-40.xml - Patch, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/14056 - Broken Link | |
References | (MLIST) http://arthur.ath.cx/pipermail/ngircd-ml/2005-January/000228.html - Broken Link, Patch | |
References | (SECTRACK) http://securitytracker.com/id?1013047 - Broken Link, Third Party Advisory, VDB Entry | |
References | (BID) http://www.securityfocus.com/bid/12397 - Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/19143 - Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/14059 - Broken Link | |
References | (CONFIRM) http://bugs.gentoo.org/show_bug.cgi?id=79705 - Issue Tracking | |
First Time |
Barton
Barton ngircd |
|
CPE | cpe:2.3:a:ngircd:ngircd:0.6:*:*:*:*:*:*:* cpe:2.3:a:ngircd:ngircd:0.7.6:*:*:*:*:*:*:* cpe:2.3:a:ngircd:ngircd:0.8.1:*:*:*:*:*:*:* cpe:2.3:a:ngircd:ngircd:0.7:*:*:*:*:*:*:* cpe:2.3:a:ngircd:ngircd:0.7.7:*:*:*:*:*:*:* cpe:2.3:a:ngircd:ngircd:0.6.1:*:*:*:*:*:*:* cpe:2.3:a:ngircd:ngircd:0.8:*:*:*:*:*:*:* cpe:2.3:a:ngircd:ngircd:0.7.5:*:*:*:*:*:*:* |
cpe:2.3:a:barton:ngircd:*:*:*:*:*:*:*:* |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
Information
Published : 2005-05-02 04:00
Updated : 2024-02-28 10:42
NVD link : CVE-2005-0199
Mitre link : CVE-2005-0199
CVE.ORG link : CVE-2005-0199
JSON object : View
Products Affected
barton
- ngircd
CWE
CWE-191
Integer Underflow (Wrap or Wraparound)