The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function.
References
Link | Resource |
---|---|
https://github.com/ngircd/ngircd/issues/274 | Third Party Advisory |
https://github.com/ngircd/ngircd/issues/277 | Third Party Advisory |
https://github.com/ngircd/ngircd/pull/275 | Patch Third Party Advisory |
https://github.com/ngircd/ngircd/pull/276 | Third Party Advisory |
https://github.com/ngircd/ngircd/releases/tag/rel-26-rc2 | Release Notes Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2020/06/msg00023.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BJOYV5GHUFJMUVQW3TJKXZ7JPXL4W3ER/ | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZRYFJIA6ZKOH7U4K5WH5OL7OKXE4N52/ |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
07 Nov 2023, 03:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
27 Jan 2023, 18:59
Type | Values Removed | Values Added |
---|---|---|
First Time |
Debian
Debian debian Linux Fedoraproject Fedoraproject fedora |
|
CPE | cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BJOYV5GHUFJMUVQW3TJKXZ7JPXL4W3ER/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/06/msg00023.html - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZRYFJIA6ZKOH7U4K5WH5OL7OKXE4N52/ - Third Party Advisory |
Information
Published : 2020-06-15 18:15
Updated : 2023-12-10 13:27
NVD link : CVE-2020-14148
Mitre link : CVE-2020-14148
CVE.ORG link : CVE-2020-14148
JSON object : View
Products Affected
fedoraproject
- fedora
barton
- ngircd
debian
- debian_linux
CWE
CWE-125
Out-of-bounds Read