Описание
Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow.
Ссылки
- Broken LinkPatch
- Issue Tracking
- Broken Link
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- PatchThird Party Advisory
- Broken LinkExploitPatchThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Broken LinkPatch
- Issue Tracking
- Broken Link
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- PatchThird Party Advisory
- Broken LinkExploitPatchThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 0.8.2 (исключая)
cpe:2.3:a:barton:ngircd:*:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.20153
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-191
Связанные уязвимости
CVSS3: 9.8
github
почти 4 года назад
Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow.
EPSS
Процентиль: 95%
0.20153
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-191