CVE-2009-1789

Published May 26, 2009
Last updated 7 years ago
CVSS info 4.3
Overview

Description: mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:P
Weaknesses

nvd@nist.gov: NVD-CWE-Other
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B949FDB5-004E-4D1A-B231-B12B0530D8B3"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "122A9276-FBAE-4ACB-8B57-1F11316AE6CB"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38C0C2B5-D834-481B-B0F4-52815D5F05D3"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DA76910-DA6A-431E-A4D3-65F67B06DE8A"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADC43937-427B-440C-9057-81B030F703CD"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B9BC3A5-F83F-4A54-8F1D-01A26F4CE7FB"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85C89850-5063-4A3F-AD36-A7BB9C277196"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B027835C-D277-404A-8663-B11DAD15200A"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2468A8A0-0916-40AF-B666-37F4E09D2F46"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2FAD548-8685-4C1B-85EB-EDA5A3490A6C"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "591CEC1D-0E78-4F06-897E-5EFC6C3EB22D"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AFEFA8F-E0BD-4B16-91F0-0D0CCAFD9A0A"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "846E8578-2E43-40FB-AFBE-8002B3C6360F"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A966576E-C1E1-413B-9BC7-13A581F8C278"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC103352-44FE-4629-9E78-4398B8E621C0"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "392B2FDA-0BB1-4525-B892-96074BCD68D8"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A36497B-FC48-458D-9637-E5FD49DAD515"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19B44064-F334-42C0-AC66-B82DC2227857"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "344C8A04-1E35-4F1D-8283-3E520867489C"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop:1.6.18:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "641DAB73-091A-45E2-850D-EB3E852645FF"
          },
          {
            "criteria": "cpe:2.3:a:eggheads:eggdrop_irc_bot:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3ACCBBE9-03EC-496E-8163-1BEC53651211",
            "versionEndIncluding": "1.6.19"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F67FC40-34BD-4266-85F8-10CEEE66C377",
            "versionEndIncluding": "1.6.19"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.4.4:*:final:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D6C2110-D8D8-4864-A556-E907B98E185F"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3D82640-7F8A-45F8-9B41-A09BB37B62A9"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.5.4:*:final:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58730915-EE80-4CDF-9196-CC96B7835C27"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.5.4:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD84BF3B-F6D9-41CA-9A2C-F09F6F00B39F"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.5.4:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D83AD2BC-CD73-4A85-8E12-E15EEE74D85F"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.5.4a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3774084D-7BB9-4F70-BDB3-FE7796EE513B"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.0:*:final:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C86A3CE-5522-4924-B2B9-2C81710BEF82"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "537EA552-06C8-4AFE-960D-468A70157318"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.0:rc1-rel2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4112B1DF-6883-45B4-823A-145275FE672A"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98797B0A-5979-493D-968F-ED20F26F9EBA"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.2\\+bindsfix:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5239C772-554E-4E90-904C-499D419E87FB"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D43A10B-66AE-429B-B939-E3862D4F1EB9"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.4:sr1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75918B14-B217-47D1-988C-B47CFA6D142F"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3115178C-6CF4-45B5-A84F-2D770DAFC600"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57740B2C-08DA-41E2-9F1B-69789A32DC76"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D02A42B-C8A5-46D4-9E59-F06D3490DCDE"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02DFF7AE-89EF-4E1B-8EF6-D6505EC5CDCA"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D566B296-E828-4FF5-A6CC-3A4216EF4200"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7380F17C-1AA5-4A02-A9FD-B7A45EE612CD"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB09FFB8-9A04-4874-823D-5140D2F0AC15"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D8D2814-F718-4EDE-B56F-D392FB7B534F"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFCAF4B0-4C86-4C47-9C31-CFBAFFB8B739"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DBC15B0-5E0A-4B6D-AAE9-C25E59450BAF"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC921FD5-53F7-4430-8EFA-E7363597099A"
          },
          {
            "criteria": "cpe:2.3:a:philip_moore:windrop:1.6.19\\+ctcpfix:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1724543-C2ED-48F3-8DEC-61CA586CB505"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
