CVE-2003-0478

Bahamut IRCd <1.4.35 - RCE

Title source: llm

Description

Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on Bahamut including (2) digatech 1.2.1, (3) methane 0.1.1, (4) AndromedeIRCd 1.2.3-Release, and (5) ircd-RU, when running in debug mode, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request containing format strings.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Dinos · cdoslinux

https://www.exploit-db.com/exploits/22839

View Code ZIP pw:eip

References (3)

[Mailing List] http://marc.info/?l=bugtraq&m=105665996104723&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=105673489525906&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=105673555726823&w=2

Scores

EPSS 0.0555

EPSS Percentile 90.3%

Details

Status published

Products (5)

andromede/adromedeircd 1.2.3

bahamut/ircd < 1.4.35

daniel_moss/methane 0.1.1

hans_westerhof/digatech 1.2.1

wenet/ircd-ru

Published Aug 07, 2003

Tracked Since Feb 18, 2026