FreeBSD Local Security Checks : FreeBSD Ports: eggdrop

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.64119

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: eggdrop

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: eggdrop

CVE-2009-1789
mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and
earlier allows remote attackers to cause a denial of service (crash)
via a crafted PRIVMSG that causes an empty string to trigger a
negative string length copy. NOTE: this issue exists because of an
incorrect fix for CVE-2007-2807.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-1789
BugTraq ID: 34985
http://www.securityfocus.com/bid/34985
Bugtraq: 20090515 eggdrop/windrop remote crash vulnerability (Google Search)
http://www.securityfocus.com/archive/1/503574
Debian Security Information: DSA-1826 (Google Search)
http://www.debian.org/security/2009/dsa-1826
https://www.exploit-db.com/exploits/8695
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01333.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01337.html
http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0129.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:126
http://osvdb.org/54460
http://secunia.com/advisories/35104
http://secunia.com/advisories/35158
http://secunia.com/advisories/35690
http://www.vupen.com/english/advisories/2009/1340
XForce ISS Database: eggdrop-servmsg-dos(50547)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50547

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.64119
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: eggdrop
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: eggdrop CVE-2009-1789 mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1789 BugTraq ID: 34985 http://www.securityfocus.com/bid/34985 Bugtraq: 20090515 eggdrop/windrop remote crash vulnerability (Google Search) http://www.securityfocus.com/archive/1/503574 Debian Security Information: DSA-1826 (Google Search) http://www.debian.org/security/2009/dsa-1826 https://www.exploit-db.com/exploits/8695 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01333.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01337.html http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0129.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:126 http://osvdb.org/54460 http://secunia.com/advisories/35104 http://secunia.com/advisories/35158 http://secunia.com/advisories/35690 http://www.vupen.com/english/advisories/2009/1340 XForce ISS Database: eggdrop-servmsg-dos(50547) https://exchange.xforce.ibmcloud.com/vulnerabilities/50547
Copyright	Copyright (C) 2009 E-Soft Inc.