CVE-2006-6811

Exploit

EPSS 5.48%
Published 29.12.2006 11:28:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference.  NOTE: this issue was originally reported as a buffer overflow.

Affected products Warnungen 0 Metrics 3 CWE 1 References 16

Data is provided by the National Vulnerability Database (NVD)

Kde ≫ Ksirc Version1.3.12

Canonical ≫ Ubuntu Linux Version5.10

Canonical ≫ Ubuntu Linux Version6.06

Canonical ≫ Ubuntu Linux Version6.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	5.48%	0.898

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

http://osvdb.org/33443

Broken Link

http://security.gentoo.org/glsa/glsa-200701-26.xml

Third Party Advisory

http://securitytracker.com/id?1017453

Third Party Advisory

Broken Link

VDB Entry

http://www.addict3d.org/index.php?page=viewarticle&trace=0&type=security&ID=8468

Broken Link

http://www.kde.org/info/security/advisory-20070109-1.txt

Third Party Advisory