CVE-2003-0478

AndromedeIRCd 1.2.3-Release - Format String Vulnerability in Debug Mode

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0478. PoCs published by Dinos.

AI-analyzed exploit summary This exploit targets a format string vulnerability in Bahamut IRCd <= 1.4.35 when compiled with DEBUGMODE. It sends malicious format specifiers to trigger a crash or potential arbitrary code execution.

Description

Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on Bahamut including (2) digatech 1.2.1, (3) methane 0.1.1, (4) AndromedeIRCd 1.2.3-Release, and (5) ircd-RU, when running in debug mode, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request containing format strings.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Dinos · cdoslinux
https://www.exploit-db.com/exploits/22839

This exploit targets a format string vulnerability in Bahamut IRCd <= 1.4.35 when compiled with DEBUGMODE. It sends malicious format specifiers to trigger a crash or potential arbitrary code execution.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target: Bahamut IRCd <= 1.4.35
No auth needed
Prerequisites: Bahamut IRCd compiled with DEBUGMODE · Network access to the IRC server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105665996104723&w=2
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105673489525906&w=2
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105673555726823&w=2

Scores

EPSS 0.1228
EPSS Percentile 95.7%

Details

Status published
Products (5)
andromede/adromedeircd 1.2.3
bahamut/ircd < 1.4.35
daniel_moss/methane 0.1.1
hans_westerhof/digatech 1.2.1
wenet/ircd-ru
Published Aug 07, 2003
Tracked Since Feb 18, 2026