Launchpad.net

CVE 2007-2807

Stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop 1.6.18, and possibly earlier, allows user-assisted, remote IRC servers to execute arbitrary code via a long private message.

Related bugs and status

CVE-2007-2807 (Candidate) is related to these bugs:

Bug #180974: [eggdrop] [CVE-2007-2807] remote buffer overflow vulnerability

Summary				In	Importance	Status
	180974	[eggdrop] [CVE-2007-2807] remote buffer overflow vulnerability		eggdrop (Ubuntu)	Undecided	Fix Released
	180974	[eggdrop] [CVE-2007-2807] remote buffer overflow vulnerability		eggdrop (Debian)	Unknown	Fix Released

Bug #377054: eggdrop/windrop remote crash vulnerability

		In	Importance	Status
377054	eggdrop/windrop remote crash vulnerability	eggdrop (Ubuntu)	Low	Fix Released
377054	eggdrop/windrop remote crash vulnerability	eggdrop (Debian)	Unknown	Fix Released
377054	eggdrop/windrop remote crash vulnerability	eggdrop (Ubuntu Dapper)	Undecided	Invalid
377054	eggdrop/windrop remote crash vulnerability	eggdrop (Ubuntu Hardy)	Low	Fix Released
377054	eggdrop/windrop remote crash vulnerability	eggdrop (Ubuntu Karmic)	Low	Fix Released
377054	eggdrop/windrop remote crash vulnerability	eggdrop (Ubuntu Jaunty)	Low	Fix Released
377054	eggdrop/windrop remote crash vulnerability	eggdrop (Ubuntu Intrepid)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.eggheads.or...
BID: 24070
SECUNIA: 25276
SECUNIA: 26727
GENTOO: GLSA-200709-07
SECUNIA: 26826
SECTRACK: 1018700
MANDRIVA: MDKSA-2007:175
FEDORA: FEDORA-2007-4305
FEDORA: FEDORA-2007-4325
SECUNIA: 27989
CONFIRM: http://bugs.debian.org...
DEBIAN: DSA-1448
SECUNIA: 28347
OSVDB: 36237
DEBIAN: DSA-1826
SECUNIA: 35690