CVE-2013-0238

EPSS 9.96%
Veröffentlicht 13.02.2013 01:55:04
Zuletzt bearbeitet 29.04.2026 01:13:23
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

The try_parse_v4_netmask function in hostmask.c in IRCD-Hybrid before 8.0.6 does not properly validate masks, which allows remote attackers to cause a denial of service (crash) via a mask that causes a negative number to be parsed.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 15

NVD 17 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ircd-hybrid ≫ Ircd-hybrid Version <= 8.0.5

Ircd-hybrid ≫ Ircd-hybrid Version7.2.0

Ircd-hybrid ≫ Ircd-hybrid Version7.2.1

Ircd-hybrid ≫ Ircd-hybrid Version7.2.2

Ircd-hybrid ≫ Ircd-hybrid Version7.2.3

Ircd-hybrid ≫ Ircd-hybrid Version7.3.0

Ircd-hybrid ≫ Ircd-hybrid Version7.3.0 Updaterc1

Ircd-hybrid ≫ Ircd-hybrid Version7.3.1

Ircd-hybrid ≫ Ircd-hybrid Version8.0.0

Ircd-hybrid ≫ Ircd-hybrid Version8.0.0 Updatebeta1

Ircd-hybrid ≫ Ircd-hybrid Version8.0.0 Updatebeta2

Ircd-hybrid ≫ Ircd-hybrid Version8.0.0 Updatebeta3

Ircd-hybrid ≫ Ircd-hybrid Version8.0.0 Updaterc1

Ircd-hybrid ≫ Ircd-hybrid Version8.0.1

Ircd-hybrid ≫ Ircd-hybrid Version8.0.2

Ircd-hybrid ≫ Ircd-hybrid Version8.0.3

Ircd-hybrid ≫ Ircd-hybrid Version8.0.4

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	9.96%	0.95

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699267

http://osvdb.org/89623

http://secunia.com/advisories/51948

Vendor Advisory

http://secunia.com/advisories/52106

Vendor Advisory

http://svn.ircd-hybrid.org:8000/viewcvs.cgi/ircd-hybrid/trunk/src/hostmask.c?r1=1786&r2=1785&pathrev=1786

http://www.debian.org/security/2013/dsa-2618

http://www.exploit-db.com/exploits/24951

http://www.mandriva.com/security/advisories?name=MDVSA-2013:093

http://www.openwall.com/lists/oss-security/2013/01/29/8

http://www.securityfocus.com/bid/57610

https://exchange.xforce.ibmcloud.com/vulnerabilities/81695

https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0055

https://nvd.nist.gov/vuln/detail/CVE-2013-0238

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-0238

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-0238

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2013-0238