Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0478

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-0478
Last Modified 07 Mar 2011 09:12:40
Published 07 Aug 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0478

Summary

Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on Bahamut including (2) digatech 1.2.1, (3) methane 0.1.1, (4) AndromedeIRCd 1.2.3-Release, and (5) ircd-RU, when running in debug mode, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request containing format strings.

Vulnerable Systems

Operating System

  • Bahamut Ircd 1.4.35

Application

  • Andromede Adromedeircd 1.2.3

  • Daniel Moss Methane 0.1.1

  • Hans Westerhof Digatech 1.2.1

  • Wenet Ircd-ru


References

BUGTRAQ - 20030627 Bahamut DoS

BUGTRAQ - 20030627 Re: Bahamut IRCd <= 1.4.35 and several derived daemons

BUGTRAQ - 20030626 Bahamut IRCd <= 1.4.35 and several derived daemons


Last Updated: 27 May 2016 10:37:56