Eggdrop 'ctcpbuf' Remote Denial Of Service Vulnerability

Eggdrop is prone to a remote denial-of-service vulnerability because it fails to adequately validate user-supplied input.

An attacker may exploit this issue to crash the application, resulting in a denial-of-service condition.

This issue is related to the vulnerability described in BID 24070 (Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability).

Versions prior to Eggdrop 1.6.19+ctcpfix are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus