CVE-2007-4584
Published 2007-08-29
Priority P355 · critical · 10 · CVSS 2.0
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 14.69% · 96.2th percentile
Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the p_mode variable.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bitchx | bitchx | — | — |
CVSS provenance
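| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| vendor_redhat | — | 10.0 | CRITICAL | — |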
Red Hat
Buffer overflow in IrcII by long MODE from server
vendor_redhat·CVSS 10.0
CVE-2007-4584 [CRITICAL] Buffer overflow in IrcII by long MODE from server
Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the p_mode variable.
Statement: Not vulnerable. This issue did not affect the version of IrcII as shipped with Red Hat Enterprise Linux 2.1. IrcII was not shipped in Enterprise Linux 3, 4, or 5.
GHSA
GHSA-fpg6-49x7-pcjm: Stack-based buffer overflow in BitchX 1
ghsa_unreviewed·2022-05-01
CVE-2007-4584 [HIGH] CWE-119 GHSA-fpg6-49x7-pcjm: Stack-based buffer overflow in BitchX 1
Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the p_mode variable.
No detection rules found.
Exploit-DB
Microsoft Internet Explorer - TIF/TIFF Code Execution (MS07-055)
exploitdb·2007-11-11
CVE-2007-2217 Microsoft Internet Explorer - TIF/TIFF Code Execution (MS07-055)
```perl
#!/usr/bin/perl
#
# Microsoft Internet Explorer TIF/TIFF Code Execution (MS07-055)
#
# Author: grabarz
#
# Note: This exploit is modified from Hong Gil-Dong, Jeon Woo-chi PoC
# (http://www.milw0rm.com/exploits/4584)
#
# Internet Explorer has standard ImageBase address and PE Win32 header
# is started at 0x00400000 in memory. So memory cell at the address
# 0x00400008 contains the short value 0x0004 and at the address
# 0x00400011 it contains the long value 0x00000000 in any case.
# I used these addresses for generating of TIFF-file that uses
# vulnerability and for controlling of EIP.
#
# This exploit tested on:
# - Windows 2000 SP4 + IE5.01
# - Windows 2000 SP4 + IE5.5
# - Windows 2000 SP4 + IE6.0 SP1
#
# Credit: Hong G
```
Exploit-DB
BitchX 1.1 Final - MODE Remote Heap Overflow
exploitdb·2007-08-27
CVE-2007-4584 BitchX 1.1 Final - MODE Remote Heap Overflow
```ruby
#!/usr/bin/env ruby
######################################################
# BitchX-1.1 Final MODE Heap Overflow [0-day]
# By bannedit
# Discovered May 16th 2007
# - Yet another overflow which can overwrite GOT
#
# I found this vuln after modifying ilja's ircfuzz
# code. Currently this exploit attempts to
# overwrite the GOT with the ret address to the
# shellcode.
#
# The actual vulnerability appears to be a stack
# overflow in p_mode. Due to input size restrictions
# the overflow can't occur on the stack because we can
# only overflow so much data. Luckily though we
# overwrite a structure containing pointers to heap
# data. This allows us to overwrite the GOT.
#
# Reliability of this exploit in its current stage is
# limited. There ap
```
- http://osvdb.org/37480
- http://secunia.com/advisories/26578
- http://secunia.com/advisories/31180
- http://secunia.com/advisories/34870
- http://security.gentoo.org/glsa/glsa-200807-12.xml
- http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.285737
- http://www.securityfocus.com/bid/25462
- http://www.vupen.com/english/advisories/2007/2994
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36306
- https://www.exploit-db.com/exploits/4321