Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> FreeBSD Local Security Checks >> FreeBSD Ports : bnc <= 2.8.9


Vulnerability Assessment Details

FreeBSD Ports : bnc <= 2.8.9

Vulnerability Assessment Summary
Check for the version of the bnc package

Detailed Explanation for this Vulnerability Assessment

The remote host has one of the following packages installed :

bnc <= 2.8.9

The function getnickuserhost() suffers from a buffer-overflow. It is called
when BNC processes a response from IRC server. An attacking server can use
this vulnerability to gain shell access, on the BNC running machine.

Solution : http://www.vuxml.org/freebsd/1f8dea68-3436-11d9-952f-000c6e8f12ef.html
Network Security Threat Level: High

Networks Security ID: 11355

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors

PAIR Intel Xeon E5-2667v2 SR19W 8 Core 3.30GHz Processors CPU LGA-2011
$9.99
PAIR Intel Xeon E5-2667v2 SR19W 8 Core 3.30GHz Processors CPU LGA-2011  pictureHP Z620 Workstation SIX CORE 3.20GHz E5-1650 32GB RAM 500GB HDD TOWER
$9.99
HP Z620 Workstation SIX CORE 3.20GHz E5-1650 32GB RAM 500GB HDD TOWER pictureLot of 4 Intel Xeon E5-2697 v2 2.7GHz 30MB 12-Core 8.0GT/s LGA2011 SR19H
$699.99
Lot of 4 Intel Xeon E5-2697 v2 2.7GHz 30MB 12-Core 8.0GT/s LGA2011 SR19H pictureIntel Xeon E5-2650V2 2.6 GHz 2MB L2 Cache 20MB L3 Cache LGA 2011 95W SR1A8
$57.0
Intel Xeon E5-2650V2 2.6 GHz 2MB L2 Cache 20MB L3 Cache LGA 2011 95W SR1A8  picture


Discussions

No Discussions have been posted on this vulnerability.