ngIRCd < 0.8.2 Lists_MakeMask() Remote Overflow DoS

This script is Copyright (C) 2005-2017 Tenable Network Security, Inc.

Synopsis :

The remote chat server is affected by a buffer overflow vulnerability.

Description :

According to its banner, the version of the ngIRCd chat service on the
remote host contains a buffer overflow in 'Lists_MakeMask()' in
'src/ngircd/lists.c' that can be exploited by a remote attacker to
crash the affected service or possibly even execute arbitrary code on
the remote host subject to the privileges under which the service
operates, which is 'root' by default.

See also :

Solution :

Upgrade to ngIRCd 0.8.2 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 9.5
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 16274 ()

Bugtraq ID: 12397

CVE ID: CVE-2005-0199

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now