ngIRCd < 0.8.2 Lists_MakeMask() Remote Overflow DoS

This script is Copyright (C) 2005-2011 Tenable Network Security, Inc.

Synopsis :

The remote chat server is affected by a buffer overflow vulnerability.

Description :

According to its banner, the version of the ngIRCd chat service on the
remote host contains a buffer overflow in 'Lists_MakeMask()' in
'src/ngircd/lists.c' that can be exploited by a remote attacker to
crash the affected service or possibly even execute arbitrary code on
the remote host subject to the privileges under which the service
operates, which is 'root' by default.

See also :

Solution :

Upgrade to ngIRCd 0.8.2 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 9.5
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 16274 ()

Bugtraq ID: 12397

CVE ID: CVE-2005-0199

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial