UnrealIRCd Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is running UnrealIRCd and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow attacker to cause a denial of service and possibly execute arbitrary code via unspecified vectors. Impact Level: Application

Solution

Upgrade to UnrealIRCd version 3.2.8.1 or later, For updates refer to http://www.unrealircd.com/downloads.php Workaround: Remove noident from the allow::options and /REHASH. ***** NOTE: Ignore this warning, if allow::options::noident is not enabled. *****

Insight

The flaw is caused by an error when allow::options::noident is enabled, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors.

Affected

UnrealIRCd version 3.2beta11 through 3.2.8

References

http://security.gentoo.org/glsa/glsa-201006-21.xml
http://www.openwall.com/lists/oss-security/2010/06/14/13
http://www.unrealircd.com/txt/unrealsecadvisory.20090413.txt

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4893
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Pango Integer Buffer Overflow Vulnerability
VLC Media Player OGG Demuxer Buffer Overflow Vulnerability (Windows)
VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability (Linux)
VMCI/HGFS VmWare Code Execution Vulnerability (Linux)
VLC Media Player '.AVI' File BOF Vulnerability (Windows)

Take action and discover your vulnerabilities