FreeBSD : bnc -- remotely exploitable buffer overflow in getnickuserhost (9be819c6-4633-11d9-a9e7-0001020eed82)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

A LSS Security Advisory reports :

There is a buffer overflow vulnerability in getnickuserhost() function
that is called when BNC is processing response from IRC server.

Vulnerability can be exploited if attacker tricks user to connect to
his fake IRC server that will exploit this vulnerability. If the
attacker has access to BNC proxy server, this vulnerability can be
used to gain shell access on machine where BNC proxy server is set.

See also :

http://marc.info/?l=bugtraq&m=110011817627839
http://www.nessus.org/u?388d13fb
http://www.gotbnc.com/changes.html
http://www.nessus.org/u?bca79ed2

Solution :

Update the affected package.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 19048 (freebsd_pkg_9be819c6463311d9a9e70001020eed82.nasl)

Bugtraq ID:

CVE ID: CVE-2004-1052

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now