CVE-2006-6811

MEDIUM

KsIRC 1.3.12 - DoS

Title source: llm

Description

KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a buffer overflow.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Federico L. Bossi Bonin · cdoslinux

https://www.exploit-db.com/exploits/3023

View Code ZIP pw:eip

References (13)

[Broken Link] http://osvdb.org/33443

[Third Party Advisory] http://security.gentoo.org/glsa/glsa-200701-26.xml

[Broken Link, Third Party Advisory, VDB Entry] http://securitytracker.com/id?1017453

[Broken Link] http://www.addict3d.org/index.php?page=viewarticle&trace=0&type=security&ID=8468

[Third Party Advisory] http://www.kde.org/info/security/advisory-20070109-1.txt

[Broken Link] http://www.mandriva.com/security/advisories?name=MDKSA-2007:009

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/456379/100/0/threaded

[Broken Link, Exploit, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/21790

[Third Party Advisory] http://www.ubuntu.com/usn/usn-409-1

[Broken Link] http://www.vupen.com/english/advisories/2006/5199

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/31134

[Broken Link] https://issues.rpath.com/browse/RPL-922

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/3023

Scores

CVSS v3 6.5

EPSS 0.0562

EPSS Percentile 90.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Classification

CWE

CWE-617

Status draft

Affected Products (4)

kde/ksirc

canonical/ubuntu_linux

canonical/ubuntu_linux

canonical/ubuntu_linux

Timeline

Published Dec 29, 2006

Tracked Since Feb 18, 2026