CVE-2004-1052

Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:bnc:bnc:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:bnc:bnc:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:bnc:bnc:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:bnc:bnc:2.6:*:*:*:*:*:*:*
cpe:2.3:a:bnc:bnc:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:bnc:bnc:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:bnc:bnc:2.8.8:*:*:*:*:*:*:*
cpe:2.3:a:bnc:bnc:2.8.9:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*
cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:49

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=110011817627839&w=2 - () http://marc.info/?l=bugtraq&m=110011817627839&w=2 -
References () http://secunia.com/advisories/13149/ - () http://secunia.com/advisories/13149/ -
References () http://security.lss.hr/en/index.php?page=details&ID=LSS-2004-11-03 - () http://security.lss.hr/en/index.php?page=details&ID=LSS-2004-11-03 -
References () http://www.debian.org/security/2004/dsa-595 - () http://www.debian.org/security/2004/dsa-595 -
References () http://www.securityfocus.com/bid/11647 - Patch, Vendor Advisory () http://www.securityfocus.com/bid/11647 - Patch, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/18013 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/18013 -

Information

Published : 2005-03-01 05:00

Updated : 2024-11-20 23:49


NVD link : CVE-2004-1052

Mitre link : CVE-2004-1052

CVE.ORG link : CVE-2004-1052


JSON object : View

Products Affected

debian

  • debian_linux

bnc

  • bnc

gentoo

  • linux