CVE-2007-5226

dircproxy < 1.2.0 - Denial of Service via NULL Pointer Dereference in ACTION Command

Title source: llm
STIX 2.1

Description

irc_server.c in dircproxy 1.2.0 and earlier allows remote attackers to cause a denial of service (segmentation fault) via an ACTION command without a parameter, which triggers a NULL pointer dereference, as demonstrated using a blank /me message from irssi.

References (2)

Core 2
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=319301
Various Sources x_refsource_misc
http://dircproxy.securiweb.net/ticket/89

Scores

EPSS 0.0169
EPSS Percentile 74.5%

Details

CWE
CWE-20
Status published
Products (1)
dircproxy/dircproxy < 1.2.0
Published Oct 05, 2007
Tracked Since Feb 18, 2026