Dconnect » Dconnect Daemon » 0.0.3 : Security Vulnerabilities, CVEs,

cpe:2.3:a:dconnect:dconnect_daemon:0.0.3:*:*:*:*:*:*:*

CVE-2006-4127

Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and earlier allow remote administrators to execute arbitrary code via format string specifiers that are not properly handled when calling the (1) privmsg() or (2) pubmsg functions from (a) cmd.user.c, (b) penalties.c, or (c) cmd.dc.c.
Max CVSS
4.6
EPSS Score
0.55%
Published
2006-08-14
Updated
2018-10-17

CVE-2006-4126

The dc_chat function in cmd.dc.c in DConnect Daemon 0.7.0 and earlier allows remote attackers to cause a denial of service (application crash) by sending a client message before providing the nickname, which triggers a null pointer dereference.
Max CVSS
5.0
EPSS Score
7.15%
Published
2006-08-14
Updated
2018-10-17

CVE-2006-4125

Stack-based buffer overflow in main.c in DConnect Daemon 0.7.0 and earlier allows remote attackers to execute arbitrary code via a large nickname, which is not properly handled by the listen_thread_udp function.
Max CVSS
7.5
EPSS Score
40.39%
Published
2006-08-14
Updated
2018-10-17
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close