Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0321

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0321
Last Modified 05 Sep 2008 04:34:02
Published 09 Jun 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0321

Summary

Multiple buffer overflows in BitchX IRC client 1.0-0c19 and earlier allow remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long hostnames, nicknames, or channel names, which are not properly handled by the functions (1) send_ctcp, (2) cannot_join_channel, (3) cluster, (4) BX_compress_modes, (5) handle_oper_vision, and (6) ban_it.

Vulnerable Systems

Application

  • Colten Edwards Bitchx 1.0.0c19


References

DEBIAN - DSA-306

MISC - http://security.debian.org/pool/updates/main/i/ircii-pana/ircii-pana_1.0-0c16-2.1.diff.gz

BUGTRAQ - 20030324 GLSA: bitchx (200303-21)

BUGTRAQ - 20030313 Buffer overflows in ircII-based clients

BID - 7100

BID - 7099

BID - 7097

BID - 7096

CONECTIVA - CLA-2003:655


Last Updated: 27 May 2016 10:37:52