QwikSec

Security Database

CVE

CWE

Training

CVE-2009-1789

Published: May 26, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

eggdrop-servmsg-dos(50547)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_OSVDB

20090515 eggdrop/windrop remote crash vulnerability

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_VUPEN

FEDORA-2009-5572

vendor-advisory

x_refsource_FEDORA

exploit

x_refsource_EXPLOIT-DB

http://cvs.eggheads.org/viewvc/viewvc.cgi/eggdrop1.6/doc/Changes1.6?revision=1.20&view=markup

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

20090514 eggdrop/windrop remote crash vulnerability

mailing-list

x_refsource_FULLDISC

vendor-advisory

x_refsource_MANDRIVA

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528778

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

FEDORA-2009-5568

vendor-advisory

x_refsource_FEDORA

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.