|Category:||FreeBSD Local Security Checks|
|Title:||FreeBSD Ports: eggdrop|
|Summary:||FreeBSD Ports: eggdrop|
|Description:||The remote host is missing an update to the system|
as announced in the referenced advisory.
The following package is affected: eggdrop
mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and
earlier allows remote attackers to cause a denial of service (crash)
via a crafted PRIVMSG that causes an empty string to trigger a
negative string length copy. NOTE: this issue exists because of an
incorrect fix for CVE-2007-2807.
Update your system with the appropriate patches or
BugTraq ID: 34985|
Common Vulnerability Exposure (CVE) ID: CVE-2009-1789
Bugtraq: 20090515 eggdrop/windrop remote crash vulnerability (Google Search)
Debian Security Information: DSA-1826 (Google Search)
XForce ISS Database: eggdrop-servmsg-dos(50547)
|Copyright||Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com|
|This is only one of 40605 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.