This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.


For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.

Eggdrop Server Module Remote Buffer Overflow Vuln...

Website and forum-related announcements and discussion, and anything else that doesn't fit in the above forums.
Post Reply
w
whoelse
Voice
Posts: 15
Joined: Mon Oct 08, 2007 6:45 pm

Eggdrop Server Module Remote Buffer Overflow Vuln...

Post by whoelse »

seems an immediate update for the exlpoit has been made..I haven't tested the exploit, but there's written that they did test it already on eggdrop 1.6.18 / linux 2.4.
here are more informations and affected versions/operation systems.

Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability

Bugtraq ID: 24070
Class: Boundary Condition Error
CVE: CVE-2007-2807

Remote: Yes
Local: No
Published: May 21 2007 12:00AM
Updated: Oct 11 2007 08:38PM
Credit: Bow Sineath is credited with the discovery of this vulnerability
Vulnerable: MandrakeSoft Linux Mandrake 2007.1 x86_64
MandrakeSoft Linux Mandrake 2007.1
MandrakeSoft Linux Mandrake 2007.0 x86_64
MandrakeSoft Linux Mandrake 2007.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
Gentoo Linux
Eggheads Eggdrop IRC bot 1.6.18
Eggheads Eggdrop IRC bot 1.6.17
Eggheads Eggdrop IRC bot 1.6.15
Eggheads Eggdrop IRC bot 1.6.14
Eggheads Eggdrop IRC bot 1.6.13
Eggheads Eggdrop IRC bot 1.6.12
Eggheads Eggdrop IRC bot 1.6.11
Eggheads Eggdrop IRC bot 1.6.10
a talent can win a game, teamwork wins championchip!
L
LordSephiroth
Voice
Posts: 4
Joined: Thu Sep 20, 2007 1:46 pm
Location: McLean, VA

Post by LordSephiroth »

There is already a thread discussing this issue here:

http://forum.egghelp.org/viewtopic.php?t=14004
Post Reply