UnrealIRCd Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is running UnrealIRCd and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow attacker to cause a denial of service and possibly execute arbitrary code via unspecified vectors. Impact Level: Application

Solution

Upgrade to UnrealIRCd version 3.2.8.1 or later, For updates refer to http://www.unrealircd.com/downloads.php Workaround: Remove noident from the allow::options and /REHASH. ***** NOTE: Ignore this warning, if allow::options::noident is not enabled. *****

Insight

The flaw is caused by an error when allow::options::noident is enabled, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors.

Affected

UnrealIRCd version 3.2beta11 through 3.2.8

References

http://security.gentoo.org/glsa/glsa-201006-21.xml
http://www.openwall.com/lists/oss-security/2010/06/14/13
http://www.unrealircd.com/txt/unrealsecadvisory.20090413.txt

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4893

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FileZilla Server Buffer Overflow Vulnerability
Freefloat FTP Server Buffer Overflow Vulnerability
VLC Media Player '.AVI' File BOF Vulnerability (Windows)
CoCSoft Stream Down Buffer overflow Vulnerability
ICQ 'ICQToolBar.dll' Buffer Overflow Vulnerability

Take action and discover your vulnerabilities