Vulnerabilities > CVE-2007-2807 - Remote Buffer Overflow vulnerability in Eggdrop Server Module Message Handling

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
eggheads
nessus

Summary

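Stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop 1.6.18, and possibly earlier, allows user-assisted, remote IRC servers to execute arbitrary code via a long private message. The later advisories listed under Nessus below spell the file mod/server.mod/servmsg.c and record that a fix for this issue was incorrect, which led to the separate denial-of-service issue CVE-2009-1789; a host patched only for CVE-2007-2807 should also be checked against that follow-up.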

Nessus

  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRAKE_MDKSA-2007-175.NASL
    description: A stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop 1.6.18, and possibly earlier, allows user-assisted, malicious remote IRC servers to execute arbitrary code via a long private message. Updated packages fix this issue.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 26007
    published: 2007-09-07
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/26007
    title: Mandrake Linux Security Advisory : eggdrop (MDKSA-2007:175)
    code:
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2007:175. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    # Metadata pass: `description` is not assigned anywhere in this script, so it is
    # supplied from outside. When it is set, the plugin only registers its
    # identifiers and attributes and exits at the end of this block; the package
    # check further down is not reached.
    if (description)
    {
      script_id(26007);
      script_version ("1.16");
      script_cvs_date("Date: 2019/08/02 13:32:49");
    
      # Cross-references tying this check to the advisory it was extracted from.
      script_cve_id("CVE-2007-2807");
      script_bugtraq_id(24070);
      script_xref(name:"MDKSA", value:"2007:175");
      # NOTE(review): this plugin covers CVE-2007-2807 only. CVE-2009-1789 was later
      # assigned because a fix for CVE-2007-2807 was incorrect, so a clean result
      # here says nothing about that follow-up issue; check whether a later advisory
      # (for example MDVSA-2009:126) applies to the scanned release.
    
      script_name(english:"Mandrake Linux Security Advisory : eggdrop (MDKSA-2007:175)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Mandrake Linux host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop
    1.6.18, and possibly earlier, allows user-assisted, malicious remote
    IRC servers to execute arbitrary code via a long private message.
    
    Updated packages fix this issue."
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected eggdrop package."
      );
      # CVSS v2 base vector: network-reachable, medium access complexity, no
      # authentication, partial impact on confidentiality, integrity and
      # availability. The temporal vector's RL:OF records that an official fix
      # exists; E:ND leaves exploitability undefined.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      # "local" plugin: the finding is derived from the host's installed-package
      # list, not from probing a running eggdrop over the network.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:eggdrop");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/09/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/09/07");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      # The required KB keys are presumably populated by ssh_get_info.nasl from a
      # credentialed login (confirm); without them the version check cannot run,
      # so an uncredentialed scan yields no result for this advisory.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
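    # Preconditions: local checks must be enabled, the host must have been
    # identified as Mandrake/Mandriva, and its RPM list must have been collected.
    # Each audit() call is used as an early exit (presumably it ends the script
    # with an audit-trail message -- confirm in audit.inc).
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    # OS name spelled "Mandrake" here so the audit message matches the one used
    # for the architecture check below.
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandrake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # Only x86 and x86-64 hosts are evaluated; any other architecture is reported
    # as "not implemented" rather than as not affected.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    # `reference` is the fixed package build for each supported release.
    # Presumably rpm_check() is true when the installed eggdrop is older than that
    # build -- confirm in rpm.inc. This is a package-version comparison only: an
    # eggdrop built outside RPM would not appear in the package list and is not
    # assessed here.
    flag = 0;
    if (rpm_check(release:"MDK2007.0", reference:"eggdrop-1.6.17-3.1mdv2007.0", yank:"mdv")) flag++;
    
    if (rpm_check(release:"MDK2007.1", reference:"eggdrop-1.6.17-3.1mdv2007.1", yank:"mdv")) flag++;
    
    
    # Report the finding; the per-package detail from rpm_report_get() is attached
    # only when report verbosity is above zero.
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");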
    
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2009-5568.NASL
    description: mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807. The current remote denial of service is tracked as CVE-2009-1789. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38939
    published: 2009-05-28
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/38939
    title: Fedora 9 : eggdrop-1.6.19-4.fc9 (2009-5568)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2009-5568.
    #
    
    include("compat.inc");
    
    # Metadata pass: `description` is not assigned anywhere in this script, so it is
    # supplied from outside. When it is set, the plugin only registers its
    # identifiers and attributes and exits at the end of this block; the package
    # check further down is not reached.
    if (description)
    {
      script_id(38939);
      script_version ("1.13");
      script_cvs_date("Date: 2019/08/02 13:32:30");
    
      # Cross-references tying this check to the advisory it was extracted from.
      # The CVE tracked here is the follow-up issue, not CVE-2007-2807 itself.
      script_cve_id("CVE-2009-1789");
      script_bugtraq_id(34985);
      script_xref(name:"FEDORA", value:"2009-5568");
    
      script_name(english:"Fedora 9 : eggdrop-1.6.19-4.fc9 (2009-5568)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and
    earlier allows remote attackers to cause a denial of service (crash)
    via a crafted PRIVMSG that causes an empty string to trigger a
    negative string length copy. NOTE: this issue exists because of an
    incorrect fix for CVE-2007-2807. The current remote denial of service
    is tracked as CVE-2009-1789.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=502650"
      );
      # The short link registered below presumably resolves to this announcement:
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/024234.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?7780eb13"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected eggdrop package."
      );
      # CVSS v2 base vector: availability-only impact (C:N/I:N/A:P), matching the
      # crash described above rather than code execution. The temporal vector's
      # E:POC together with exploit_available "true" records that proof-of-concept
      # code is public, which argues for patching promptly; RL:OF records that an
      # official fix exists.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      # "local" plugin: the finding is derived from the host's installed-package
      # list, not from probing a running eggdrop over the network.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:eggdrop");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:9");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/05/28");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      # The required KB keys are presumably populated by ssh_get_info.nasl from a
      # credentialed login (confirm); without them the version check cannot run,
      # so an uncredentialed scan yields no result for this advisory.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    # Preconditions: local checks enabled and the host identified as Fedora 9.
    # Each audit() call is used as an early exit (presumably it ends the script
    # with an audit-trail message -- confirm in audit.inc).
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    # `>!<` is the NASL "is not a substring of" operator.
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    # Capture the major release number, then require it to be exactly 9.
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^9([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 9.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # "Host/cpu" is not among this plugin's script_require_keys, so the isnull()
    # guard is what handles its absence. Only x86 and x86-64 hosts are evaluated;
    # other architectures are reported as "not implemented", not as unaffected.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    # `reference` is the fixed package build. Presumably rpm_check() is true when
    # the installed eggdrop is older than that build -- confirm in rpm.inc. This is
    # a package-version comparison only: an eggdrop built outside RPM would not
    # appear in Host/RedHat/rpm-list and is not assessed here.
    flag = 0;
    if (rpm_check(release:"FC9", reference:"eggdrop-1.6.19-4.fc9")) flag++;
    
    
    # Report the finding; the per-package detail from rpm_report_get() is attached
    # only when report verbosity is above zero.
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      # Distinguish "installed and not affected" from "eggdrop not installed";
      # pkg_tests_get() presumably lists the packages that were compared.
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "eggdrop");
    }
    
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2009-5572.NASL
    description: mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807. The current remote denial of service is tracked as CVE-2009-1789. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38940
    published: 2009-05-28
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/38940
    title: Fedora 10 : eggdrop-1.6.19-4.fc10 (2009-5572)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2009-5572.
    #
    
    include("compat.inc");
    
    # Metadata pass: `description` is not assigned anywhere in this script, so it is
    # supplied from outside. When it is set, the plugin only registers its
    # identifiers and attributes and exits at the end of this block; the package
    # check further down is not reached.
    if (description)
    {
      script_id(38940);
      script_version ("1.13");
      script_cvs_date("Date: 2019/08/02 13:32:30");
    
      # Cross-references tying this check to the advisory it was extracted from.
      # The CVE tracked here is the follow-up issue, not CVE-2007-2807 itself.
      script_cve_id("CVE-2009-1789");
      script_bugtraq_id(34985);
      script_xref(name:"FEDORA", value:"2009-5572");
    
      script_name(english:"Fedora 10 : eggdrop-1.6.19-4.fc10 (2009-5572)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and
    earlier allows remote attackers to cause a denial of service (crash)
    via a crafted PRIVMSG that causes an empty string to trigger a
    negative string length copy. NOTE: this issue exists because of an
    incorrect fix for CVE-2007-2807. The current remote denial of service
    is tracked as CVE-2009-1789.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=502650"
      );
      # The short link registered below presumably resolves to this announcement:
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/024238.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?550204b8"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected eggdrop package."
      );
      # CVSS v2 base vector: availability-only impact (C:N/I:N/A:P), matching the
      # crash described above rather than code execution. The temporal vector's
      # E:POC together with exploit_available "true" records that proof-of-concept
      # code is public, which argues for patching promptly; RL:OF records that an
      # official fix exists.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      # "local" plugin: the finding is derived from the host's installed-package
      # list, not from probing a running eggdrop over the network.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:eggdrop");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:10");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/05/28");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      # The required KB keys are presumably populated by ssh_get_info.nasl from a
      # credentialed login (confirm); without them the version check cannot run,
      # so an uncredentialed scan yields no result for this advisory.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    # Preconditions: local checks enabled and the host identified as Fedora 10.
    # Each audit() call is used as an early exit (presumably it ends the script
    # with an audit-trail message -- confirm in audit.inc).
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    # `>!<` is the NASL "is not a substring of" operator.
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    # Capture the major release number, then require it to be exactly 10.
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^10([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 10.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # "Host/cpu" is not among this plugin's script_require_keys, so the isnull()
    # guard is what handles its absence. Only x86 and x86-64 hosts are evaluated;
    # other architectures are reported as "not implemented", not as unaffected.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    # `reference` is the fixed package build. Presumably rpm_check() is true when
    # the installed eggdrop is older than that build -- confirm in rpm.inc. This is
    # a package-version comparison only: an eggdrop built outside RPM would not
    # appear in Host/RedHat/rpm-list and is not assessed here.
    flag = 0;
    if (rpm_check(release:"FC10", reference:"eggdrop-1.6.19-4.fc10")) flag++;
    
    
    # Report the finding; the per-package detail from rpm_report_get() is attached
    # only when report verbosity is above zero.
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      # Distinguish "installed and not affected" from "eggdrop not installed";
      # pkg_tests_get() presumably lists the packages that were compared.
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "eggdrop");
    }
    
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2007-4325.NASL
    description: Added a patch to fix some stack based overflows (CVE-2007-2807) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 29283
    published: 2007-12-11
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/29283
    title: Fedora 7 : eggdrop-1.6.18-12.fc7 (2007-4325)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2007-4325.
    #
    
    include("compat.inc");
    
    # Metadata pass: `description` is not assigned anywhere in this script, so it is
    # supplied from outside. When it is set, the plugin only registers its
    # identifiers and attributes and exits at the end of this block; the package
    # check further down is not reached.
    if (description)
    {
      script_id(29283);
      script_version ("1.13");
      script_cvs_date("Date: 2019/08/02 13:32:26");
    
      # Cross-references tying this check to the advisory it was extracted from.
      script_cve_id("CVE-2007-2807");
      script_bugtraq_id(24070);
      script_xref(name:"FEDORA", value:"2007-4325");
      # NOTE(review): this plugin covers CVE-2007-2807 only. CVE-2009-1789 was later
      # assigned because a fix for CVE-2007-2807 was incorrect; whether the build
      # checked below carries that incorrect fix is not shown here -- verify before
      # treating a clean result as covering both issues.
    
      script_name(english:"Fedora 7 : eggdrop-1.6.18-12.fc7 (2007-4325)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Added a patch to fix some stack based overflows (CVE-2007-2807)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # The short link registered below presumably resolves to this announcement:
      # https://lists.fedoraproject.org/pipermail/package-announce/2007-December/005810.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?3f4a7c83"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected eggdrop and / or eggdrop-debuginfo packages."
      );
      # CVSS v2 base vector: network-reachable, medium access complexity, no
      # authentication, partial impact on confidentiality, integrity and
      # availability. The temporal vector's RL:OF records that an official fix
      # exists; E:ND leaves exploitability undefined.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      # "local" plugin: the finding is derived from the host's installed-package
      # list, not from probing a running eggdrop over the network.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:eggdrop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:eggdrop-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:7");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/12/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      # The required KB keys are presumably populated by ssh_get_info.nasl from a
      # credentialed login (confirm); without them the version check cannot run,
      # so an uncredentialed scan yields no result for this advisory.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    # Preconditions: local checks enabled and the host identified as Fedora 7.
    # Each audit() call is used as an early exit (presumably it ends the script
    # with an audit-trail message -- confirm in audit.inc).
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    # `>!<` is the NASL "is not a substring of" operator.
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    # Capture the major release number, then require it to be exactly 7.
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 7.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # "Host/cpu" is not among this plugin's script_require_keys, so the isnull()
    # guard is what handles its absence. Only x86 and x86-64 hosts are evaluated;
    # other architectures are reported as "not implemented", not as unaffected.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    # `reference` is the fixed build of each package. Presumably rpm_check() is
    # true when the installed package is older than that build -- confirm in
    # rpm.inc. This is a package-version comparison only: an eggdrop built outside
    # RPM would not appear in Host/RedHat/rpm-list and is not assessed here.
    flag = 0;
    if (rpm_check(release:"FC7", reference:"eggdrop-1.6.18-12.fc7")) flag++;
    if (rpm_check(release:"FC7", reference:"eggdrop-debuginfo-1.6.18-12.fc7")) flag++;
    
    
    # Report the finding; the per-package detail from rpm_report_get() is attached
    # only when report verbosity is above zero.
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      # Distinguish "installed and not affected" from "packages not installed";
      # pkg_tests_get() presumably lists the packages that were compared.
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "eggdrop / eggdrop-debuginfo");
    }
    
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2007-4305.NASL
    description: Added a patch to fix some stack based overflows (CVE-2007-2807) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 29282
    published: 2007-12-11
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/29282
    title: Fedora 8 : eggdrop-1.6.18-12.fc8 (2007-4305)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2007-4305.
    #
    
    include("compat.inc");
    
    # Metadata pass: `description` is not assigned anywhere in this script, so it is
    # supplied from outside. When it is set, the plugin only registers its
    # identifiers and attributes and exits at the end of this block; the package
    # check further down is not reached.
    if (description)
    {
      script_id(29282);
      script_version ("1.13");
      script_cvs_date("Date: 2019/08/02 13:32:26");
    
      # Cross-references tying this check to the advisory it was extracted from.
      script_cve_id("CVE-2007-2807");
      script_bugtraq_id(24070);
      script_xref(name:"FEDORA", value:"2007-4305");
      # NOTE(review): this plugin covers CVE-2007-2807 only. CVE-2009-1789 was later
      # assigned because a fix for CVE-2007-2807 was incorrect; whether the build
      # checked below carries that incorrect fix is not shown here -- verify before
      # treating a clean result as covering both issues.
    
      script_name(english:"Fedora 8 : eggdrop-1.6.18-12.fc8 (2007-4305)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Added a patch to fix some stack based overflows (CVE-2007-2807)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # The short link registered below presumably resolves to this announcement:
      # https://lists.fedoraproject.org/pipermail/package-announce/2007-December/005798.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?d044e2fc"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected eggdrop and / or eggdrop-debuginfo packages."
      );
      # CVSS v2 base vector: network-reachable, medium access complexity, no
      # authentication, partial impact on confidentiality, integrity and
      # availability. The temporal vector's RL:OF records that an official fix
      # exists; E:ND leaves exploitability undefined.
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      # "local" plugin: the finding is derived from the host's installed-package
      # list, not from probing a running eggdrop over the network.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:eggdrop");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:eggdrop-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:8");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/12/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      # The required KB keys are presumably populated by ssh_get_info.nasl from a
      # credentialed login (confirm); without them the version check cannot run,
      # so an uncredentialed scan yields no result for this advisory.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    # Preconditions: local checks enabled and the host identified as Fedora 8.
    # Each audit() call is used as an early exit (presumably it ends the script
    # with an audit-trail message -- confirm in audit.inc).
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    # `>!<` is the NASL "is not a substring of" operator.
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    # Capture the major release number, then require it to be exactly 8.
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 8.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    # "Host/cpu" is not among this plugin's script_require_keys, so the isnull()
    # guard is what handles its absence. Only x86 and x86-64 hosts are evaluated;
    # other architectures are reported as "not implemented", not as unaffected.
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    # `reference` is the fixed build of each package. Presumably rpm_check() is
    # true when the installed package is older than that build -- confirm in
    # rpm.inc. This is a package-version comparison only: an eggdrop built outside
    # RPM would not appear in Host/RedHat/rpm-list and is not assessed here.
    flag = 0;
    if (rpm_check(release:"FC8", reference:"eggdrop-1.6.18-12.fc8")) flag++;
    if (rpm_check(release:"FC8", reference:"eggdrop-debuginfo-1.6.18-12.fc8")) flag++;
    
    
    # Report the finding; the per-package detail from rpm_report_get() is attached
    # only when report verbosity is above zero.
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      # Distinguish "installed and not affected" from "packages not installed";
      # pkg_tests_get() presumably lists the packages that were compared.
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "eggdrop / eggdrop-debuginfo");
    }
    
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-200709-07.NASL
    description: The remote host is affected by the vulnerability described in GLSA-200709-07 (Eggdrop: Buffer overflow) Bow Sineath discovered a boundary error in the file mod/server.mod/servrmsg.c when processing overly long private messages sent by an IRC server. Impact : A remote attacker could entice an Eggdrop user to connect the bot to a malicious server, possibly resulting in the execution of arbitrary code on the host running Eggdrop. Workaround : There is no known workaround at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 26097
    published: 2007-09-24
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/26097
    title: GLSA-200709-07 : Eggdrop: Buffer overflow
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-1826.NASL
    description: Several vulnerabilities have been discovered in eggdrop, an advanced IRC robot. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-2807 It was discovered that eggdrop is vulnerable to a buffer overflow, which could result in a remote user executing arbitrary code. The previous DSA (DSA-1448-1) did not fix the issue correctly. - CVE-2009-1789 It was discovered that eggdrop is vulnerable to a denial of service attack, that allows remote attackers to cause a crash via a crafted PRIVMSG.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 44691
    published: 2010-02-24
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/44691
    title: Debian DSA-1826-1 : eggdrop - several vulnerabilities
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2009-126.NASL
    description: mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807 (CVE-2009-1789). Update : Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38982
    published: 2009-06-02
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/38982
    title: Mandriva Linux Security Advisory : eggdrop (MDVSA-2009:126-1)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-1448.NASL
    description: It was discovered that eggdrop, an advanced IRC robot, was vulnerable to a buffer overflow which could result in a remote user executing arbitrary code.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 29857
    published: 2008-01-07
    reporter: This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/29857
    title: Debian DSA-1448-1 : eggdrop - buffer overflow

Packetstorm

data source: https://packetstormsecurity.com/files/download/77526/eggwindrop-dos.txt
id: PACKETSTORM:77526
last seen: 2016-12-05
published: 2009-05-15
reporter: Thomas Sader
source: https://packetstormsecurity.com/files/77526/Eggdrop-Windrop-1.6.19-Denial-Of-Service.html
title: Eggdrop/Windrop 1.6.19 Denial Of Service

Seebug

bulletinFamily: exploit
description: No description provided by source.
id: SSV:11317
last seen: 2017-11-19
modified: 2009-05-17
published: 2009-05-17
reporter: Root
source: https://www.seebug.org/vuldb/ssvid-11317
title: Eggdrop/Windrop 1.6.19 ctcpbuf Remote Crash Vulnerability