{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-01-29T00:00:00", "descriptions": [{"lang": "en", "value": "The try_parse_v4_netmask function in hostmask.c in IRCD-Hybrid before 8.0.6 does not properly validate masks, which allows remote attackers to cause a denial of service (crash) via a mask that causes a negative number to be parsed."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "DSA-2618", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2013/dsa-2618"}, {"name": "52106", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/52106"}, {"name": "[oss-security] 20130129 ircd-hybrid: Denial of service vulnerability in hostmask.c:try_parse_v4_netmask()", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2013/01/29/8"}, {"name": "MDVSA-2013:093", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:093"}, {"name": "57610", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/57610"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://svn.ircd-hybrid.org:8000/viewcvs.cgi/ircd-hybrid/trunk/src/hostmask.c?r1=1786&r2=1785&pathrev=1786"}, {"name": "51948", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51948"}, {"name": "ircdhybrid-tryparsev4netmask-dos(81695)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81695"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0055"}, {"name": "89623", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/89623"}, {"name": "24951", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/24951"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699267"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:18:09.550Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-2618", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2013/dsa-2618"}, {"name": "52106", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/52106"}, {"name": "[oss-security] 20130129 ircd-hybrid: Denial of service vulnerability in hostmask.c:try_parse_v4_netmask()", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2013/01/29/8"}, {"name": "MDVSA-2013:093", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:093"}, {"name": "57610", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/57610"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://svn.ircd-hybrid.org:8000/viewcvs.cgi/ircd-hybrid/trunk/src/hostmask.c?r1=1786&r2=1785&pathrev=1786"}, {"name": "51948", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/51948"}, {"name": "ircdhybrid-tryparsev4netmask-dos(81695)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81695"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0055"}, {"name": "89623", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/89623"}, {"name": "24951", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/24951"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699267"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-0238", "datePublished": "2013-02-13T01:00:00", "dateReserved": "2012-12-06T00:00:00", "dateUpdated": "2024-08-06T14:18:09.550Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:*:*:*:*:*:*:*:*", "matchCriteriaId": "86C8A0C8-4746-4A32-AEAF-6E1E0DC6F91A", "versionEndIncluding": "8.0.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F5CB5086-4F61-4333-AAE3-5D7A8BFC4C61", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:7.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "9A014594-6C4F-44FE-AD2C-EFB68A07FBE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:7.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "889E8F76-753E-4E71-B905-D0A481085486", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:7.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "456247AA-A2E9-4D74-BFCC-3F7FC86A7EFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:7.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A461012-E529-4980-8DA6-4338E21315D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:7.3.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "625ACA9D-463D-40E0-B21C-AB0B5F8B5645", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "53C1B4F8-3352-4972-9DCF-694741038432", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:8.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "1DAA4B35-BA16-4B3D-87FD-3D0FEE6CC2D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:8.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "164F43EA-2C8C-44DD-9557-8E3E19A0E709", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:8.0.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "1F17DC13-1E65-44CB-B281-03F21B205334", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:8.0.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "4B6E867B-2586-4B10-AA21-1ECD2345847F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:8.0.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "9149286A-AA6F-4E67-931E-40F910DCE20C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F56A5EF1-5E14-42AB-88E7-EF6C3A9CC09E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:8.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "6B408E49-A6FE-4C23-9A8F-5FB88B8F9D94", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:8.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D134E3FA-BAE8-47DB-A88E-01F005D7983B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ircd-hybrid:ircd-hybrid:8.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "E9C74B4A-6040-48CA-9165-6C8BCAB45CB5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The try_parse_v4_netmask function in hostmask.c in IRCD-Hybrid before 8.0.6 does not properly validate masks, which allows remote attackers to cause a denial of service (crash) via a mask that causes a negative number to be parsed."}, {"lang": "es", "value": "La funci\u00f3n try_parse_v4_netmask en hostmask.c en IRCD-Hybrid anteriores a v8.0.6 no valida adecuadamente las mascaras, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de una mascara que causa un n\u00famero negativo a analizar."}], "id": "CVE-2013-0238", "lastModified": "2024-11-21T01:47:07.943", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-02-13T01:55:04.090", "references": [{"source": "secalert@redhat.com", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699267"}, {"source": "secalert@redhat.com", "url": "http://osvdb.org/89623"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/51948"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/52106"}, {"source": "secalert@redhat.com", "url": "http://svn.ircd-hybrid.org:8000/viewcvs.cgi/ircd-hybrid/trunk/src/hostmask.c?r1=1786&r2=1785&pathrev=1786"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2013/dsa-2618"}, {"source": "secalert@redhat.com", "url": "http://www.exploit-db.com/exploits/24951"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:093"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2013/01/29/8"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/57610"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81695"}, {"source": "secalert@redhat.com", "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699267"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/89623"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/51948"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/52106"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.ircd-hybrid.org:8000/viewcvs.cgi/ircd-hybrid/trunk/src/hostmask.c?r1=1786&r2=1785&pathrev=1786"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2013/dsa-2618"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.exploit-db.com/exploits/24951"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:093"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2013/01/29/8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/57610"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81695"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0055"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}