3 results (0.005 seconds)

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

The sbuf_getmsg function in BNC incorrectly handles backspace characters, which could allow remote attackers to bypass authentication and gain access to arbitrary scripts. • http://secunia.com/advisories/12770 http://www.gentoo.org/security/en/glsa/glsa-200410-13.xml http://www.gotbnc.com/changes.html#2.8.9 http://www.osvdb.org/10596 http://www.securityfocus.com/bid/11355 https://exchange.xforce.ibmcloud.com/vulnerabilities/17672 •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

BNC 2.9.0 only grants access when an incorrect password is provided, which allows remote attackers to use the functionality intended for authorized users. • http://secunia.com/advisories/13302 http://www.gotbnc.com/changes.html#2.9.1 http://www.osvdb.org/12144 http://www.securityfocus.com/bid/11650 https://exchange.xforce.ibmcloud.com/vulnerabilities/18103 •

CVSS: 10.0EPSS: 0%CPEs: 20EXPL: 0

Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters. • http://marc.info/?l=bugtraq&m=110011817627839&w=2 http://secunia.com/advisories/13149 http://security.lss.hr/en/index.php?page=details&ID=LSS-2004-11-03 http://www.debian.org/security/2004/dsa-595 http://www.securityfocus.com/bid/11647 https://exchange.xforce.ibmcloud.com/vulnerabilities/18013 •