CVE-2020-14148

The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:barton:ngircd:*:*:*:*:*:*:*:*
cpe:2.3:a:barton:ngircd:26.0:rc1:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

History

21 Nov 2024, 05:02

Type Values Removed Values Added
References () https://github.com/ngircd/ngircd/issues/274 - Third Party Advisory () https://github.com/ngircd/ngircd/issues/274 - Third Party Advisory
References () https://github.com/ngircd/ngircd/issues/277 - Third Party Advisory () https://github.com/ngircd/ngircd/issues/277 - Third Party Advisory
References () https://github.com/ngircd/ngircd/pull/275 - Patch, Third Party Advisory () https://github.com/ngircd/ngircd/pull/275 - Patch, Third Party Advisory
References () https://github.com/ngircd/ngircd/pull/276 - Third Party Advisory () https://github.com/ngircd/ngircd/pull/276 - Third Party Advisory
References () https://github.com/ngircd/ngircd/releases/tag/rel-26-rc2 - Release Notes, Third Party Advisory () https://github.com/ngircd/ngircd/releases/tag/rel-26-rc2 - Release Notes, Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2020/06/msg00023.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2020/06/msg00023.html - Mailing List, Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BJOYV5GHUFJMUVQW3TJKXZ7JPXL4W3ER/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BJOYV5GHUFJMUVQW3TJKXZ7JPXL4W3ER/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZRYFJIA6ZKOH7U4K5WH5OL7OKXE4N52/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZRYFJIA6ZKOH7U4K5WH5OL7OKXE4N52/ -

07 Nov 2023, 03:17

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BJOYV5GHUFJMUVQW3TJKXZ7JPXL4W3ER/', 'name': 'FEDORA-2020-e6d1d849c5', 'tags': ['Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZRYFJIA6ZKOH7U4K5WH5OL7OKXE4N52/', 'name': 'FEDORA-2020-8c33e3a771', 'tags': ['Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BJOYV5GHUFJMUVQW3TJKXZ7JPXL4W3ER/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZRYFJIA6ZKOH7U4K5WH5OL7OKXE4N52/ -

Information

Published : 2020-06-15 18:15

Updated : 2024-11-21 05:02


NVD link : CVE-2020-14148

Mitre link : CVE-2020-14148

CVE.ORG link : CVE-2020-14148


JSON object : View

Products Affected

barton

  • ngircd

debian

  • debian_linux

fedoraproject

  • fedora
CWE
CWE-125

Out-of-bounds Read