CVE-2005-0199
Severity CVSS v4.0:
Pending analysis
Type:
CWE-191
Integer Underflow (Wrap or Wraparound)
Publication date:
02/05/2005
Last modified:
08/02/2024
Description
Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:barton:ngircd:*:*:*:*:*:*:*:* | 0.8.2 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://arthur.ath.cx/pipermail/ngircd-ml/2005-January/000228.html
- http://bugs.gentoo.org/show_bug.cgi?id=79705
- http://secunia.com/advisories/14056
- http://secunia.com/advisories/14059
- http://securitytracker.com/id?1013047=
- http://www.gentoo.org/security/en/glsa/glsa-200501-40.xml
- http://www.securityfocus.com/bid/12397
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19143