CVE-2003-0323
published 2003-06-09CVE-2003-0323: Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via…
PriorityP423high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.60%
83.4th percentile
Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via responses that are not properly fed to the my_strcat function by (1) ctcp_buffer, (2) cannot_join_channel, (3) status_make_printable for Statusbar drawing, (4) create_server_list, and possibly other functions.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | epic4 | < epic4 1:1.1.11.20030409-1 (bookworm) | epic4 1:1.1.11.20030409-1 (bookworm) |
| debian | ircii | < epic4 1:1.1.11.20030409-1 (bookworm) | epic4 1:1.1.11.20030409-1 (bookworm) |
| epic | epic4 | >= 0 < 1:1.1.11.20030409-1 | 1:1.1.11.20030409-1 |
| epic | epic4 | >= 0 < 1:1.1.11.20030409-1 | 1:1.1.11.20030409-1 |
| epic | epic4 | >= 0 < 1:1.1.11.20030409-1 | 1:1.1.11.20030409-1 |
| epic | epic4 | >= 0 < 1:1.1.11.20030409-1 | 1:1.1.11.20030409-1 |
| michael_sandrof | ircii | — | — |
| michael_sandrof | ircii | >= 0 < 20030315-1 | 20030315-1 |
| michael_sandrof | ircii | >= 0 < 20030315-1 | 20030315-1 |
| michael_sandrof | ircii | >= 0 < 20030315-1 | 20030315-1 |
| michael_sandrof | ircii | >= 0 < 20030315-1 | 20030315-1 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mmch-5xx5-rhrx: Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary co
ghsa_unreviewed·2022-04-29
CVE-2003-0323 [HIGH] GHSA-mmch-5xx5-rhrx: Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary co
Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via responses that are not properly fed to the my_strcat function by (1) ctcp_buffer, (2) cannot_join_channel, (3) status_make_printable for Statusbar drawing, (4) create_server_list, and possibly other functions.
OSV
CVE-2003-0323: Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary co
osv·2003-06-09·CVSS 7.5
CVE-2003-0323 [HIGH] CVE-2003-0323: Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary co
Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via responses that are not properly fed to the my_strcat function by (1) ctcp_buffer, (2) cannot_join_channel, (3) status_make_printable for Statusbar drawing, (4) create_server_list, and possibly other functions.
Debian
CVE-2003-0323: epic4 - Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers ...
vendor_debian·2003·CVSS 7.5
CVE-2003-0323 [HIGH] CVE-2003-0323: epic4 - Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers ...
Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via responses that are not properly fed to the my_strcat function by (1) ctcp_buffer, (2) cannot_join_channel, (3) status_make_printable for Statusbar drawing, (4) create_server_list, and possibly other functions.
Scope: local
bookworm: resolved (fixed in 1:1.1.11.20030409-1)
bullseye: resolved (fixed in 1:1.1.11.20030409-1)
forky: resolved (fixed in 1:1.1.11.20030409-1)
sid: resolved (fixed in 1:1.1.11.20030409-1)
trixie: resolved (fixed in 1:1.1.11.20030409-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=104766521328322&w=2http://marc.info/?l=bugtraq&m=104808915402926&w=2http://www.debian.org/security/2003/dsa-291http://www.debian.org/security/2003/dsa-298http://www.securityfocus.com/bid/7098http://marc.info/?l=bugtraq&m=104766521328322&w=2http://marc.info/?l=bugtraq&m=104808915402926&w=2http://www.debian.org/security/2003/dsa-291http://www.debian.org/security/2003/dsa-298http://www.securityfocus.com/bid/7098
2003-06-09
Published