CVE-2010-0303

hybserv2 1.9.2-1.9.4 - Denial of Service via MemoServ Private Message

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-0303. PoCs published by Julien Cristau.

AI-analyzed exploit summary This exploit demonstrates a denial-of-service vulnerability in Hybserv2 by sending a malformed PRIVMSG command to the memoserv service. The vulnerability is triggered by the inclusion of a tab character in the command, causing the service to crash.

Description

mystring.c in hybserv in IRCD-Hybrid (aka Hybrid2 IRC Services) 1.9.2 through 1.9.4 allows remote attackers to cause a denial of service (daemon crash) via a ":help \t" private message to the MemoServ service.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Julien Cristau · textdoslinux

https://www.exploit-db.com/exploits/33581

View Code ZIP pw:eip

This exploit demonstrates a denial-of-service vulnerability in Hybserv2 by sending a malformed PRIVMSG command to the memoserv service. The vulnerability is triggered by the inclusion of a tab character in the command, causing the service to crash.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Hybserv2 1.9.4

No auth needed

Prerequisites: Network access to the target Hybserv2 service

MITRE ATT&CK