[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE Request -- Eggdrop
From:       "Steven M. Christey" <coley () linus ! mitre ! org>
Date:       2009-05-29 21:22:59
Message-ID: Pine.GSO.4.51.0905291722500.29163 () faron ! mitre ! org
[Download RAW message or body]


======================================================
Name: CVE-2009-1789
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1789
Reference: BUGTRAQ:20090515 eggdrop/windrop remote crash vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/503574
Reference: FULLDISC:20090514 eggdrop/windrop remote crash vulnerability
Reference: URL:http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0129.html
Reference: MILW0RM:8695
Reference: URL:http://www.milw0rm.com/exploits/8695
Reference: CONFIRM:http://cvs.eggheads.org/viewvc/viewvc.cgi/eggdrop1.6/doc/Changes1.6?revision=1.20&view=markup
Reference: BID:34985
Reference: URL:http://www.securityfocus.com/bid/34985
Reference: OSVDB:54460
Reference: URL:http://osvdb.org/54460
Reference: SECUNIA:35104
Reference: URL:http://secunia.com/advisories/35104
Reference: VUPEN:ADV-2009-1340
Reference: URL:http://www.vupen.com/english/advisories/2009/1340
Reference: XF:eggdrop-servmsg-dos(50547)
Reference: URL:http://xforce.iss.net/xforce/xfdb/50547

mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and
earlier allows remote attackers to cause a denial of service (crash)
via a crafted PRIVMSG that causes an empty string to trigger a
negative string length copy.  NOTE: this issue exists because of an
incorrect fix for CVE-2007-2807.


[prev in list] [next in list] [prev in thread] [next in thread]