Eggdrop 'ctcpbuf' Remote Denial Of Service Vulnerability Network Vulnerability

Summary

Eggdrop is prone to a remote denial-of-service vulnerability because it fails to adequately validate user-supplied input. An attacker may exploit this issue to crash the application, resulting in a denial-of-service condition. This issue is related to the vulnerability described in BID 24070 (Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability). Versions prior to Eggdrop 1.6.19+ctcpfix are vulnerable.

Solution

The vendor has released an update. Please see http://www.eggheads.org/ for more information.

References

http://www.securityfocus.com/bid/34985

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1789
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Mac OS X)
Asterisk T.38 Negotiation Remote Denial Of Service Vulnerability
CUPS Denial of Service Vulnerability - Jun09
ClamAV Recursion Level Handling Denial of Service Vulnerability (Windows)
ClamAV 'cli_pdf()' and 'cli_scanicon()' Denial of Service Vulnerabilities (Win

Take action and discover your vulnerabilities