Dconnect: >> Dconnect Daemon Security Vulnerabilities
Stack-based buffer overflow in main.c in DConnect Daemon 0.7.0 and earlier allows remote attackers to execute arbitrary code via a large nickname, which is not properly handled by the listen_thread_udp function.
CVSS Score
7.5
EPSS Score
0.27
Published
2006-08-14
The dc_chat function in cmd.dc.c in DConnect Daemon 0.7.0 and earlier allows remote attackers to cause a denial of service (application crash) by sending a client message before providing the nickname, which triggers a null pointer dereference.
CVSS Score
5.0
EPSS Score
0.113
Published
2006-08-14
Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and earlier allow remote administrators to execute arbitrary code via format string specifiers that are not properly handled when calling the (1) privmsg() or (2) pubmsg functions from (a) cmd.user.c, (b) penalties.c, or (c) cmd.dc.c.
CVSS Score
4.6
EPSS Score
0.016
Published
2006-08-14