Test ID:	1.3.6.1.4.1.25623.1.0.52283
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Ports: bnc
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory.
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: bnc CVE-2004-1052 Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1052 BugTraq ID: 11647 http://www.securityfocus.com/bid/11647 Bugtraq: 20041110 BNC 2.8.9 remote buffer overflow (Google Search) http://marc.info/?l=bugtraq&m=110011817627839&w=2 Debian Security Information: DSA-595 (Google Search) http://www.debian.org/security/2004/dsa-595 http://security.lss.hr/en/index.php?page=details&ID=LSS-2004-11-03 http://secunia.com/advisories/13149/ XForce ISS Database: bnc-irc-getnickuserhost-bo(18013) https://exchange.xforce.ibmcloud.com/vulnerabilities/18013
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.