Summary
Eggdrop is prone to a remote denial-of-service vulnerability because it fails to adequately validate user-supplied input.
An attacker may exploit this issue to crash the application, resulting in a denial-of-service condition.
This issue is related to the vulnerability described in BID 24070 (Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability).
Versions prior to Eggdrop 1.6.19+ctcpfix are vulnerable.
Solution
The vendor has released an update. Please see
http://www.eggheads.org/ for more information.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-1789 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability
- AVG Anti-Virus UPX Processing Denial of Service Vulnerability
- Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities
- Adobe Acrobat PDF File Denial Of Service Vulnerability
- ClamAV Prior to 0.96.5 Multiple Vulnerabilities