Lucene search
Copyright (C) 2008 E-Soft Inc.OPENVAS:136141256231053370HistoryJan 17, 2008 - 12:00 a.m.
Debian Security Advisory DSA 298-1 (epic4)
2008-01-1700:00:00
Copyright (C) 2008 E-Soft Inc.
plugins.openvas.org
2
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.006
Percentile
79.0%
The remote host is missing an update to epic4
announced via advisory DSA 298-1.
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.53370");
script_version("2023-07-19T05:05:15+0000");
script_cve_id("CVE-2003-0323");
script_tag(name:"last_modification", value:"2023-07-19 05:05:15 +0000 (Wed, 19 Jul 2023)");
script_tag(name:"creation_date", value:"2008-01-17 22:28:10 +0100 (Thu, 17 Jan 2008)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Debian Security Advisory DSA 298-1 (epic4)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB(2\.2|3\.0)");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20298-1");
script_tag(name:"insight", value:"Timo Sirainen discovered several problems in EPIC4, a popular client
for Internet Relay Chat (IRC). A malicious server could craft special
reply strings, triggering the client to write beyond buffer
boundaries. This could lead to a denial of service if the client only
crashes, but may also lead to executing of arbitrary code under the
user id of the chatting user.
For the stable distribution (woody) these problems have been fixed in
version 1.1.2.20020219-2.1.
For the old stable distribution (potato) these problems have been
fixed in version pre2.508-2.3.
For the unstable distribution (sid) these problems have been fixed in
version 1.1.11.20030409-1.");
script_tag(name:"solution", value:"We recommend that you upgrade your EPIC4 package.");
script_tag(name:"summary", value:"The remote host is missing an update to epic4
announced via advisory DSA 298-1.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
res = "";
report = "";
if((res = isdpkgvuln(pkg:"epic4", ver:"pre2.508-2.3", rls:"DEB2.2")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"epic4", ver:"1.1.2.20020219-2.1", rls:"DEB3.0")) != NULL) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
Related
openvas
openvas
Debian: Security Advisory (DSA-291)
2008-01-17 00:00:00
Debian Security Advisory DSA 291-1 (ircii)
2008-01-17 00:00:00
Debian Security Advisory DSA 298-1 (epic4)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2003-0323
2003-05-22 04:00:00
nessus
nessus
Debian DSA-298-1 : epic4 - buffer overflows
2004-09-29 00:00:00
Debian DSA-291-1 : ircii - buffer overflows
2004-09-29 00:00:00
osv
osv
epic4 - buffer overflows
2003-05-02 00:00:00
debiancve
debiancve
CVE-2003-0323
2003-06-09 04:00:00
nvd
nvd
CVE-2003-0323
2003-06-09 04:00:00
cve
cve
CVE-2003-0323
2003-06-09 04:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.006
Percentile
79.0%
Related for OPENVAS:136141256231053370