CVE-2009-1789 in Ubuntu

CVE-2009-1789

Priority

Description

mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier
allows remote attackers to cause a denial of service (crash) via a crafted
PRIVMSG that causes an empty string to trigger a negative string length
copy. NOTE: this issue exists because of an incorrect fix for
CVE-2007-2807.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1789

Notes

Package

Source: eggdrop (LP Ubuntu Debian)

Upstream:	released (1.6.19-1.2)
Ubuntu 22.04 LTS (Jammy Jellyfish):	released (1.6.19-1.2ubuntu1)

Patches:

Debdiff:

https://bugs.launchpad.net/ubuntu/+source/eggdrop/+bug/377054

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-02-10 23:37:27 UTC (commit acb3d89ab51f1d5e5543fa993969c0eb13c71f04)