Eggdrop is prone to a remote denial-of-service vulnerability because it fails to adequately validate user-supplied input. An attacker may exploit this issue to crash the application, resulting in a denial-of-service condition. This issue is related to the vulnerability described in BID 24070 (Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability). Versions prior to Eggdrop 1.6.19+ctcpfix are vulnerable.
The vendor has released an update. Please see http://www.eggheads.org/ for more information.
Updated on 2015-03-25