6.5

CVE-2006-6811

Exploit

KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference.  NOTE: this issue was originally reported as a buffer overflow.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
KdeKsirc Version1.3.12
CanonicalUbuntu Linux Version5.10
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version6.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.48% 0.898
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

http://securitytracker.com/id?1017453
Third Party Advisory
Broken Link
VDB Entry
http://www.securityfocus.com/archive/1/456379/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://www.securityfocus.com/bid/21790
Third Party Advisory
Exploit
Broken Link
VDB Entry
https://www.exploit-db.com/exploits/3023
Third Party Advisory
Exploit
VDB Entry