ngIRCd < 0.8.2 Lists_MakeMask() Remote Overflow DoS

This script is Copyright (C) 2005-2011 Tenable Network Security, Inc.


Synopsis :

The remote chat server is affected by a buffer overflow vulnerability.

Description :

According to its banner, the version of the ngIRCd chat service on the
remote host contains a buffer overflow in 'Lists_MakeMask()' in
'src/ngircd/lists.c' that can be exploited by a remote attacker to
crash the affected service or possibly even execute arbitrary code on
the remote host subject to the privileges under which the service
operates, which is 'root' by default.

See also :

http://bugs.gentoo.org/show_bug.cgi?id=79705
http://ngircd.barton.de/doc/ChangeLog
http://arthur.barton.de/pipermail/ngircd-ml/2005-January/000228.html

Solution :

Upgrade to ngIRCd 0.8.2 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.5
(CVSS2#E:F/RL:U/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 16274 ()

Bugtraq ID: 12397

CVE ID: CVE-2005-0199