4 matches found
Eggdrop servmsg.c远程拒绝服务漏洞
BUGTRAQ ID: 34985 CVECAN ID: CVE-2009-1789 Eggdrop是一款用C语言编写的开源IRC bot。 Eggdrop的Server模块(/mod/server.mod/servrmsg.c)中没有正确地处理用户所发送的私人消息。如果ctcpbuf 为“""”的话,消息中最后一个参数为负数,这可能导致服务器崩溃。成功利用这个漏洞要求攻击者能够连接到Eggdrop所在的IRC网络。 Eggheads Eggdrop IRC bot 1.6.19 厂商补丁: Eggheads --------...
CVE-2009-1789
mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service crash via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807...
CVE-2009-1789
mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service crash via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807...
CVE-2009-1789
mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service crash via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807...