Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
Max CVSS
10.0
EPSS Score
0.93%
Published
2005-03-01
Updated
2017-07-11
The sbuf_getmsg function in BNC incorrectly handles backspace characters, which could allow remote attackers to bypass authentication and gain access to arbitrary scripts.
Max CVSS
7.5
EPSS Score
0.64%
Published
2004-12-31
Updated
2017-07-11
BNC 2.9.0 only grants access when an incorrect password is provided, which allows remote attackers to use the functionality intended for authorized users.
Max CVSS
7.5
EPSS Score
1.57%
Published
2004-12-31
Updated
2017-07-20
3 vulnerabilities found