Eggdrop 'ctcpbuf' Remote Denial Of Service Vulnerability Network Vulnerability

Summary

Eggdrop is prone to a remote denial-of-service vulnerability because it fails to adequately validate user-supplied input. An attacker may exploit this issue to crash the application, resulting in a denial-of-service condition. This issue is related to the vulnerability described in BID 24070 (Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability). Versions prior to Eggdrop 1.6.19+ctcpfix are vulnerable.

Solution

The vendor has released an update. Please see http://www.eggheads.org/ for more information.

References

http://www.securityfocus.com/bid/34985

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1789

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Cherokee POST request DoS
AVG Anti-Virus UPX Processing Denial of Service Vulnerability
Apple Safari URI NULL Pointer Dereference DoS Vulnerability (Win)
Apple Safari WebKit Property Memory Leak Remote DoS Vulnerability
Comodo Internet Security Denial of Service Vulnerability-05

Take action and discover your vulnerabilities