CVE-2003-0864

IRCnet IRCD 2.10.x-2.10.3p3 - Denial of Service via m_join Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0864. PoCs published by millhouse.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in IRCnet IRCD (2.10.3p3 and below) by sending a maliciously crafted JOIN command, leading to a denial-of-service (DoS) condition. The exploit leverages a strcat() overflow in channel.c, though the author notes that arbitrary code execution is not feasible due to lack of EIP control.

Description

Buffer overflow in m_join in channel.c for IRCnet IRCD 2.10.x to 2.10.3p3 allows remote attackers to cause a denial of service.

Exploits (1)

exploitdb WORKING POC VERIFIED

by millhouse · cdoslinux

https://www.exploit-db.com/exploits/23239

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in IRCnet IRCD (2.10.3p3 and below) by sending a maliciously crafted JOIN command, leading to a denial-of-service (DoS) condition. The exploit leverages a strcat() overflow in channel.c, though the author notes that arbitrary code execution is not feasible due to lack of EIP control.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: IRCnet IRCD 2.10.3p3 and below

No auth needed

Prerequisites: Network access to the target IRC server · The attacker's IP must match a server's I-Line configuration

MITRE ATT&CK