Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability Network Vulnerability

Summary

Eggdrop Server Module is prone to a remote buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Eggdrop 1.6.18 is known to be vulnerable other versions may be affected as well.

Solution

The vendor has released an update. Please see http://www.eggheads.org/ for more information.

References

http://www.securityfocus.com/bid/24070

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-2807

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Compaq Web SSI DoS
Denial Of Service Vulnerability in OpenSSL June-09 (Linux)
Comodo Internet Security Denial of Service Vulnerability-01
Apple Safari Nested 'object' Tag Remote Denial Of Service vulnerability
ejabberd XML Parsing Denial of Service Vulnerability (Windows)

Take action and discover your vulnerabilities