CVE-2005-0226

ngIRCd <0.8.2 - RCE

Title source: llm

Description

Format string vulnerability in the Log_Resolver function in log.c for ngIRCd 0.8.2 and earlier, when compiled with IDENT, logging to SYSLOG, and with DEBUG enabled, allows remote attackers to execute arbitrary code.

Exploits (1)

exploitdb WORKING POC VERIFIED

by CoKi · cremotelinux

https://www.exploit-db.com/exploits/784

View Code ZIP pw:eip

References (4)

[Mailing List] http://marc.info/?l=bugtraq&m=110746413108183&w=2

[Exploit, Patch, Vendor Advisory] http://secunia.com/advisories/14114/

[Exploit, Patch, Vendor Advisory] http://www.nosystem.com.ar/advisories/advisory-11.txt

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/12434

Scores

EPSS 0.1001

EPSS Percentile 93.1%

Details

Status published

Products (1)

ngircd/ngircd 0.8.2

Published Feb 03, 2005

Tracked Since Feb 18, 2026