Published: 29/08/2007 Updated: 29/09/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the p_mode variable.

Vulnerable Product	Search on Vulmon	Subscribe to Product
bitchx bitchx 1.1-final

#!/usr/bin/env ruby ###################################################### # BitchX-11 Final MODE Heap Overflow [0-day] # By bannedit # Discovered May 16th 2007 # - Yet another overflow which can overwrite GOT # # I found this vuln after modifying ilja's ircfuzz # code Currently this exploit attempts to # overwrite the GOT with the ret address to ...

CWE-119 http://secunia.com/advisories/26578 http://www.securityfocus.com/bid/25462 http://security.gentoo.org/glsa/glsa-200807-12.xml http://secunia.com/advisories/31180 http://osvdb.org/37480 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.285737 http://secunia.com/advisories/34870 http://www.vupen.com/english/advisories/2007/2994 https://exchange.xforce.ibmcloud.com/vulnerabilities/36306 https://www.exploit-db.com/exploits/4321 https://nvd.nist.gov https://www.exploit-db.com/exploits/4321/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-4584

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect