{ "id": "CVE-2009-1789", "sourceIdentifier": "cve@mitre.org", "published": "2009-05-26T16:30:02.967", "lastModified": "2017-09-29T01:34:34.077", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807." }, { "lang": "es", "value": "mod/server.mod/servmsg.c en Eggheads Eggdrop y Windrop v1.6.19 y anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un PRIVMSG manipulado que crea una cadena vac\u00eda que provoca una copia de longitud de cadena negativa. NOTA: esta vulnerabilidad existe por una incorrecta correcci\u00f3n del CVE-2007-2807." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "B949FDB5-004E-4D1A-B231-B12B0530D8B3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "122A9276-FBAE-4ACB-8B57-1F11316AE6CB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "38C0C2B5-D834-481B-B0F4-52815D5F05D3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0DA76910-DA6A-431E-A4D3-65F67B06DE8A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "ADC43937-427B-440C-9057-81B030F703CD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "0B9BC3A5-F83F-4A54-8F1D-01A26F4CE7FB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "85C89850-5063-4A3F-AD36-A7BB9C277196" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "B027835C-D277-404A-8663-B11DAD15200A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "2468A8A0-0916-40AF-B666-37F4E09D2F46" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "A2FAD548-8685-4C1B-85EB-EDA5A3490A6C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "591CEC1D-0E78-4F06-897E-5EFC6C3EB22D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.11:*:*:*:*:*:*:*", "matchCriteriaId": "8AFEFA8F-E0BD-4B16-91F0-0D0CCAFD9A0A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.12:*:*:*:*:*:*:*", "matchCriteriaId": "846E8578-2E43-40FB-AFBE-8002B3C6360F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.13:*:*:*:*:*:*:*", "matchCriteriaId": "A966576E-C1E1-413B-9BC7-13A581F8C278" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.14:*:*:*:*:*:*:*", "matchCriteriaId": "EC103352-44FE-4629-9E78-4398B8E621C0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.15:*:*:*:*:*:*:*", "matchCriteriaId": "392B2FDA-0BB1-4525-B892-96074BCD68D8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.16:*:*:*:*:*:*:*", "matchCriteriaId": "2A36497B-FC48-458D-9637-E5FD49DAD515" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.17:*:*:*:*:*:*:*", "matchCriteriaId": "19B44064-F334-42C0-AC66-B82DC2227857" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.18:*:*:*:*:*:*:*", "matchCriteriaId": "344C8A04-1E35-4F1D-8283-3E520867489C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.18:rc1:*:*:*:*:*:*", "matchCriteriaId": "641DAB73-091A-45E2-850D-EB3E852645FF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:eggheads:eggdrop_irc_bot:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.6.19", "matchCriteriaId": "3ACCBBE9-03EC-496E-8163-1BEC53651211" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.6.19", "matchCriteriaId": "2F67FC40-34BD-4266-85F8-10CEEE66C377" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.4.4:*:final:*:*:*:*:*", "matchCriteriaId": "8D6C2110-D8D8-4864-A556-E907B98E185F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "F3D82640-7F8A-45F8-9B41-A09BB37B62A9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.5.4:*:final:*:*:*:*:*", "matchCriteriaId": "58730915-EE80-4CDF-9196-CC96B7835C27" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.5.4:rc1:*:*:*:*:*:*", "matchCriteriaId": "BD84BF3B-F6D9-41CA-9A2C-F09F6F00B39F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.5.4:rc2:*:*:*:*:*:*", "matchCriteriaId": "D83AD2BC-CD73-4A85-8E12-E15EEE74D85F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.5.4a:*:*:*:*:*:*:*", "matchCriteriaId": "3774084D-7BB9-4F70-BDB3-FE7796EE513B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.0:*:final:*:*:*:*:*", "matchCriteriaId": "0C86A3CE-5522-4924-B2B9-2C81710BEF82" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "537EA552-06C8-4AFE-960D-468A70157318" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.0:rc1-rel2:*:*:*:*:*:*", "matchCriteriaId": "4112B1DF-6883-45B4-823A-145275FE672A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "98797B0A-5979-493D-968F-ED20F26F9EBA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.2\\+bindsfix:*:*:*:*:*:*:*", "matchCriteriaId": "5239C772-554E-4E90-904C-499D419E87FB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D43A10B-66AE-429B-B939-E3862D4F1EB9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.4:sr1:*:*:*:*:*:*", "matchCriteriaId": "75918B14-B217-47D1-988C-B47CFA6D142F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "3115178C-6CF4-45B5-A84F-2D770DAFC600" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "57740B2C-08DA-41E2-9F1B-69789A32DC76" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "8D02A42B-C8A5-46D4-9E59-F06D3490DCDE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "02DFF7AE-89EF-4E1B-8EF6-D6505EC5CDCA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "D566B296-E828-4FF5-A6CC-3A4216EF4200" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.12:*:*:*:*:*:*:*", "matchCriteriaId": "7380F17C-1AA5-4A02-A9FD-B7A45EE612CD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.13:*:*:*:*:*:*:*", "matchCriteriaId": "CB09FFB8-9A04-4874-823D-5140D2F0AC15" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.15:*:*:*:*:*:*:*", "matchCriteriaId": "4D8D2814-F718-4EDE-B56F-D392FB7B534F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.16:*:*:*:*:*:*:*", "matchCriteriaId": "CFCAF4B0-4C86-4C47-9C31-CFBAFFB8B739" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.17:*:*:*:*:*:*:*", "matchCriteriaId": "8DBC15B0-5E0A-4B6D-AAE9-C25E59450BAF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.18:*:*:*:*:*:*:*", "matchCriteriaId": "AC921FD5-53F7-4430-8EFA-E7363597099A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.19\\+ctcpfix:*:*:*:*:*:*:*", "matchCriteriaId": "E1724543-C2ED-48F3-8DEC-61CA586CB505" } ] } ] } ], "references": [ { "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0129.html", "source": "cve@mitre.org" }, { "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528778", "source": "cve@mitre.org" }, { "url": "http://cvs.eggheads.org/viewvc/viewvc.cgi/eggdrop1.6/doc/Changes1.6?revision=1.20&view=markup", "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://www.debian.org/security/2009/dsa-1826", "source": "cve@mitre.org" }, { "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:126", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/503574", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/34985", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2009/1340", "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50547", "source": "cve@mitre.org" }, { "url": "https://www.exploit-db.com/exploits/8695", "source": "cve@mitre.org" }, { "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01333.html", "source": "cve@mitre.org" }, { "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01337.html", "source": "cve@mitre.org" } ] }