Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0274

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0274
Last Modified 05 Sep 2008 04:38:00
Published 23 Nov 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0274

Summary

Share.mod in Eggheads Eggdrop IRC bot 1.6.10 through 1.6.15 can mistakenly assign STAT_OFFERED status to a bot that is not a sharebot, which allows remote attackers to use STAT_OFFERED to promote a bot to a sharebot and conduct unauthorized activities.

Vulnerable Systems

Application

  • Eggheads Eggdrop Irc Bot 1.6.10

  • Eggheads Eggdrop Irc Bot 1.6.11

  • Eggheads Eggdrop Irc Bot 1.6.12

  • Eggheads Eggdrop Irc Bot 1.6.13

  • Eggheads Eggdrop Irc Bot 1.6.14

  • Eggheads Eggdrop Irc Bot 1.6.15


References

BUGTRAQ - 20040210 Re: Eggrop bug

BUGTRAQ - 20040208 Eggrop bug

XF - eggdrop-sharemod-gain-access(15084)

BID - 9606

MISC - http://mogan.nonsoloirc.com/egg_advisory.txt

OSVDB - 3928

CONFIRM - http://www.eggheads.org/news/2004/04/10/26


Last Updated: 27 May 2016 10:38:32