bnc -- remotely exploitable buffer overflow in getnickuserhost

ID 9BE819C6-4633-11D9-A9E7-0001020EED82
Type freebsd
Reporter FreeBSD
Modified 2005-02-22T00:00:00


A LSS Security Advisory reports:

There is a buffer overflow vulnerability in getnickuserhost() function that is called when BNC is processing response from IRC server. Vulnerability can be exploited if attacker tricks user to connect to his fake IRC server that will exploit this vulnerability. If the attacker has access to BNC proxy server, this vulnerability can be used to gain shell access on machine where BNC proxy server is set.