Vulnerability Details CVE-2007-3360
hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and executes shell commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.069
EPSS Ranking 91.0%
CVSS Severity
CVSS v2 Score 9.3
References
- http://osvdb.org/37479
- http://secunia.com/advisories/25759
- http://secunia.com/advisories/34870
- http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.285737
- http://www.securityfocus.com/bid/24579
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34969
- https://www.exploit-db.com/exploits/4087
- http://osvdb.org/37479
- http://secunia.com/advisories/25759
- http://secunia.com/advisories/34870
- http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.285737
- http://www.securityfocus.com/bid/24579
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34969
- https://www.exploit-db.com/exploits/4087