Vulnerability Description
Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on Bahamut including (2) digatech 1.2.1, (3) methane 0.1.1, (4) AndromedeIRCd 1.2.3-Release, and (5) ircd-RU, when running in debug mode, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request containing format strings.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Andromede | Adromedeircd | 1.2.3 |
| Daniel Moss | Methane | 0.1.1 |
| Hans Westerhof | Digatech | 1.2.1 |
| Wenet | Ircd-Ru | All versions |
| Bahamut | Ircd | <= 1.4.35 |
References
- http://marc.info/?l=bugtraq&m=105665996104723&w=2
- http://marc.info/?l=bugtraq&m=105673489525906&w=2
- http://marc.info/?l=bugtraq&m=105673555726823&w=2
- http://marc.info/?l=bugtraq&m=105665996104723&w=2
- http://marc.info/?l=bugtraq&m=105673489525906&w=2
- http://marc.info/?l=bugtraq&m=105673555726823&w=2
FAQ
What is CVE-2003-0478?
CVE-2003-0478 is a vulnerability with a CVSS score of 10.0 (HIGH). Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on Bahamut including (2) digatech 1.2.1, (3) methane 0.1.1, (4) AndromedeIRCd 1.2.3-Release, and (5) irc...
How severe is CVE-2003-0478?
CVE-2003-0478 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0478?
Check the references section above for vendor advisories and patch information. Affected products include: Andromede Adromedeircd, Daniel Moss Methane, Hans Westerhof Digatech, Wenet Ircd-Ru, Bahamut Ircd.