CVE-2004-1052

critical

Description

Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/18013

http://www.securityfocus.com/bid/11647

http://www.debian.org/security/2004/dsa-595

http://security.lss.hr/en/index.php?page=details&ID=LSS-2004-11-03

http://secunia.com/advisories/13149/

http://marc.info/?l=bugtraq&m=110011817627839&w=2

Details

Source: Mitre, NVD

Published: 2005-03-01

Updated: 2017-07-11

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H