Executive Summary

Informations
Name	CVE-2007-4584	First vendor Publication	2007-08-28
Vendor	Cve	Last vendor Modification	2011-03-07

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Security Protection

Impacts

Provides administrator access : Allows complete confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service.

Detail

Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the p_mode variable.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4584

CWE : Common Weakness Enumeration

id	Name
CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

Type	Description	Count
Application	Bitchx Bitchx cpe:/a:bitchx:bitchx:1.1-final	1

Milw0rm Exploits

id	Description
2007-08-27	BitchX 1.1 Final MODE Remote Heap Overflow Exploit (0-day)

Open Source Vulnerability Database (OSVDB)

id	Description
37480	BitchX IRC Client MODE Command Remote Overflow

Internal Sources (Detail)

Source	Url
BID	http://www.securityfocus.com/bid/25462
GENTOO	http://security.gentoo.org/glsa/glsa-200807-12.xml
MILW0RM	http://www.milw0rm.com/exploits/4321
OSVDB	http://osvdb.org/37480
SECUNIA	http://secunia.com/advisories/26578 http://secunia.com/advisories/31180 http://secunia.com/advisories/34870
SLACKWARE	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&...
VUPEN	http://www.vupen.com/english/advisories/2007/2994
XF	http://xforce.iss.net/xforce/xfdb/36306

Alert History

Date	Informations
2013-05-11 10:35:10	Multiple Updates