RSS   Vulnerabilities for 'BNC'   RSS

2004-12-31
 
CVE-2004-2612

 

 
BNC 2.9.0 only grants access when an incorrect password is provided, which allows remote attackers to use the functionality intended for authorized users.

 
 
CVE-2004-1482

 

 
The sbuf_getmsg function in BNC incorrectly handles backspace characters, which could allow remote attackers to bypass authentication and gain access to arbitrary scripts.

 
2005-03-01
 
CVE-2004-1052

 

 
Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.

 


Copyright 2024, cxsecurity.com

 

Back to Top