CVE-2001-0050 - Buffer overflow in BitchX IRC client allows remote attackers to cause a denial of service and possib

CVE-2001-0050

Summary

Buffer overflow in BitchX IRC client allows remote attackers to cause a denial of service and possibly execute arbitrary commands via an IP address that resolves to a long DNS hostname or domain name.

References

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:78.bitchx.v1.1.asc
http://archives.neohapsis.com/archives/bugtraq/2000-12/0081.html
http://archives.neohapsis.com/archives/bugtraq/2000-12/0086.html
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000364
http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-079.php3
http://www.redhat.com/support/errata/RHSA-2000-126.html
http://www.securityfocus.com/bid/2087
https://exchange.xforce.ibmcloud.com/vulnerabilities/5701

Vulnerable Configurations

cpe:2.3:a:colten_edwards:bitchx:1.0c17:*:*:*:*:*:*:*
cpe:2.3:a:colten_edwards:bitchx:1.0c17:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 10-10-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

redhat via4

advisories

rhsa

id	RHSA-2000:126

refmap via4

bid	2087
bugtraq	20001207 BitchX DNS Overflow Patch 20001207 bitchx/ircd DNS overflow demonstration
conectiva	CLA-2000:364
freebsd	FreeBSD-SA-00:78
mandrake	MDKSA-2000:079
xf	irc-bitchx-dns-bo(5701)

Last major update

10-10-2017 - 01:29

Published

16-02-2001 - 05:00

Last modified

10-10-2017 - 01:29