CVE-2012-6084

Published: 01/01/2013 Updated: 02/02/2013
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

modules/m_capab.c in (1) ircd-ratbox prior to 3.0.8 and (2) Charybdis prior to 3.4.2 does not properly support capability negotiation during server handshakes, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed request.

Vulnerable Product

ircd-ratbox ircd-ratbox 2.2.8

ircd-ratbox ircd-ratbox 2.2.7.1

ircd-ratbox ircd-ratbox 2.2.1

ircd-ratbox ircd-ratbox 2.2.0

ircd-ratbox ircd-ratbox 2.1.5

ircd-ratbox ircd-ratbox 2.1.4

ircd-ratbox ircd-ratbox 2.0.7

ircd-ratbox ircd-ratbox 2.0.6

ircd-ratbox ircd-ratbox 2.0.11

ircd-ratbox ircd-ratbox 1.5

ircd-ratbox ircd-ratbox 1.3

ircd-ratbox ircd-ratbox 1.3.2

ircd-ratbox ircd-ratbox 2.2.5

ircd-ratbox ircd-ratbox 2.2.4

ircd-ratbox ircd-ratbox 2.1.8

ircd-ratbox ircd-ratbox 2.1.0

ircd-ratbox ircd-ratbox 2.0.3

ircd-ratbox ircd-ratbox 2.0.2

ircd-ratbox ircd-ratbox 1.5.1

ircd-ratbox ircd-ratbox 1.4

ircd-ratbox ircd-ratbox 1.2.3

ircd-ratbox ircd-ratbox 1.1.2

ircd-ratbox ircd-ratbox 2.2.7

ircd-ratbox ircd-ratbox 2.2.6

ircd-ratbox ircd-ratbox 2.1.3

ircd-ratbox ircd-ratbox 2.1.2

ircd-ratbox ircd-ratbox 2.1.1

ircd-ratbox ircd-ratbox 2.0.5

ircd-ratbox ircd-ratbox 2.0.4

ircd-ratbox ircd-ratbox 1.5.3

ircd-ratbox ircd-ratbox 1.5.2

ircd-ratbox ircd-ratbox 1.3.1

ircd-ratbox ircd-ratbox 1.2.1

ircd-ratbox ircd-ratbox 1.2.2

ratbox ircd-ratbox

ircd-ratbox ircd-ratbox 2.2.9

ircd-ratbox ircd-ratbox 2.2.3

ircd-ratbox ircd-ratbox 2.2.2

ircd-ratbox ircd-ratbox 2.1.7

ircd-ratbox ircd-ratbox 2.1.6

ircd-ratbox ircd-ratbox 2.0.9

ircd-ratbox ircd-ratbox 2.0.8

ircd-ratbox ircd-ratbox 2.0.1

ircd-ratbox ircd-ratbox 2.0.10

ircd-ratbox ircd-ratbox 1.1.1

ircd-ratbox ircd-ratbox 1.0

Vendor Advisories

Debian Bug report logs - #697092 charybdis: CVE-2012-6084: remote denial of service. Package: charybdis; Maintainer for charybdis is Antoine Beaupré <anarcat@debian.org>; Source for charybdis is src:charybdis. Reported by: Henri Salo <henri@nerv.fi>. Date: Tue, 1 Jan 2013 10:33:01 UTC. Severity: ...

It was discovered that a bug in the server capability negotiation code of ircd-ratbox could result in denial of service. For the stable distribution (squeeze), this problem has been fixed in version 3.0.6.dfsg-2+squeeze1. For the testing distribution (wheezy), this problem has been fixed in version 3.0.7.dfsg-3. For the unstable distribution (sid), ...

Exploits

This exploit demonstrates a remotely trigger-able crash in ircd-ratbox version 2.0. It affects Shadowircd version 6.3.3 and Charybdis version 3.4.2 ...