{ "id": "CVE-2005-0199", "sourceIdentifier": "cve@mitre.org", "published": "2005-05-02T04:00:00.000", "lastModified": "2017-07-11T01:32:08.407", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5 }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:ngircd:ngircd:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "210988F2-A886-4B40-BC8F-6B3C44DCAB87" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ngircd:ngircd:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4DE0F3E-779A-49DA-8581-456116B5C207" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ngircd:ngircd:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "5CD611B4-80D9-41BE-A6C7-66F58FCDD5C1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ngircd:ngircd:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "93CED84A-87B0-4033-98E1-CFB132CFAAF0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ngircd:ngircd:0.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "DD38AB3F-23B5-49C5-8A2A-858397056050" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ngircd:ngircd:0.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "3E06A467-1B5C-453F-8A45-F3F7CEA869D9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ngircd:ngircd:0.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "57C8FE95-1D91-4FBE-922F-040613DADA41" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ngircd:ngircd:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "343993AE-A62F-4C58-BAA5-648D5CF74642" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ngircd:ngircd:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "2B611F0F-B716-49CF-8137-4EA82E9486C7" } ] } ] } ], "references": [ { "url": "http://arthur.ath.cx/pipermail/ngircd-ml/2005-January/000228.html", "source": "cve@mitre.org", "tags": [ "Patch" ] }, { "url": "http://bugs.gentoo.org/show_bug.cgi?id=79705", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://securitytracker.com/id?1013047", "source": "cve@mitre.org" }, { "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-40.xml", "source": "cve@mitre.org", "tags": [ "Patch" ] }, { "url": "http://www.securityfocus.com/bid/12397", "source": "cve@mitre.org", "tags": [ "Exploit", "Patch" ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19143", "source": "cve@mitre.org" } ] }