Vulnerability Description
Format string vulnerability in the Log_Resolver function in log.c for ngIRCd 0.8.2 and earlier, when compiled with IDENT, logging to SYSLOG, and with DEBUG enabled, allows remote attackers to execute arbitrary code.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ngircd | Ngircd | 0.8.2 |
References
- http://marc.info/?l=bugtraq&m=110746413108183&w=2
- http://secunia.com/advisories/14114/ExploitPatchVendor Advisory
- http://www.nosystem.com.ar/advisories/advisory-11.txtExploitPatchVendor Advisory
- http://www.securityfocus.com/bid/12434
- http://marc.info/?l=bugtraq&m=110746413108183&w=2
- http://secunia.com/advisories/14114/ExploitPatchVendor Advisory
- http://www.nosystem.com.ar/advisories/advisory-11.txtExploitPatchVendor Advisory
- http://www.securityfocus.com/bid/12434
FAQ
What is CVE-2005-0226?
CVE-2005-0226 is a vulnerability with a CVSS score of 7.5 (HIGH). Format string vulnerability in the Log_Resolver function in log.c for ngIRCd 0.8.2 and earlier, when compiled with IDENT, logging to SYSLOG, and with DEBUG enabled, allows remote attackers to execute ...
How severe is CVE-2005-0226?
CVE-2005-0226 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0226?
Check the references section above for vendor advisories and patch information. Affected products include: Ngircd Ngircd.