Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> FreeBSD Local Security Checks >> FreeBSD Ports : bnc <= 2.8.9


Vulnerability Assessment Details

FreeBSD Ports : bnc <= 2.8.9

Vulnerability Assessment Summary
Check for the version of the bnc package

Detailed Explanation for this Vulnerability Assessment

The remote host has one of the following packages installed :

bnc <= 2.8.9

The function getnickuserhost() suffers from a buffer-overflow. It is called
when BNC processes a response from IRC server. An attacking server can use
this vulnerability to gain shell access, on the BNC running machine.

Solution : http://www.vuxml.org/freebsd/1f8dea68-3436-11d9-952f-000c6e8f12ef.html
Network Security Threat Level: High

Networks Security ID: 11355

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors

Cisco Catalyst 3560 V2 PoE 24 Port -2 SFP Ethernet Switch Model:WS-C3560V2-24P-S
$63.86
Cisco Catalyst 3560 V2 PoE 24 Port -2 SFP Ethernet Switch Model:WS-C3560V2-24P-S pictureCisco Gigabit Transceiver Module 30-1421-01 SFP-GE-T EXT 1000BASE-T
$107.9
Cisco Gigabit Transceiver Module 30-1421-01 SFP-GE-T EXT 1000BASE-T pictureHp J8177c Compatible 1000base-Tx Sfp
$75.3
Hp J8177c Compatible 1000base-Tx Sfp pictureSMC Networks AS4210-28PB 24-Port RJ-45 4 SFP Gigabit Ethernet PoE L2 Switch NEW
$89.95
SMC Networks AS4210-28PB 24-Port RJ-45 4 SFP Gigabit Ethernet PoE L2 Switch NEW picture


Discussions

No Discussions have been posted on this vulnerability.