Vulnerability Name: CVE-2010-0300 (CCN-55947)

Assigned: 2010-01-28
Published: 2010-01-28
Updated: 2010-02-05
Summary: cache.c in ircd-ratbox before 2.2.9 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a HELP command.
Per: http://cwe.mitre.org/data/definitions/476.html

'CWE-476: NULL Pointer Dereference'
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:
  Attack Vector (AV): Network
  Attack Complexity (AC): Low
  Privileges Required (PR): None
  User Interaction (UI): None
Scope:
  Scope (S): Unchanged
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): None
  Availability (A): Low

CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:
  Access Vector (AV): Network
  Access Complexity (AC): Low
  Authentication (Au): None
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): None
  Availability (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:
  Access Vector (AV): Network
  Access Complexity (AC): Medium
  Authentication (Au): None
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): None
  Availability (A): Partial

Vulnerability Type: CWE-Other
Vulnerability Consequences: Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2010-0300

Source: MLIST
Type: UNKNOWN
[ircd-ratbox] 20100125 ircd-ratbox-2.2.9 released

Source: CCN
Type: SA38210
ircd-ratbox Integer Underflow and NULL Pointer Dereference Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
38210

Source: SECUNIA
Type: Vendor Advisory
38383

Source: CONFIRM
Type: UNKNOWN
http://security.debian.org/pool/updates/main/i/ircd-ratbox/ircd-ratbox_2.2.8.dfsg-2+lenny1.diff.gz

Source: DEBIAN
Type: UNKNOWN
DSA-1980

Source: DEBIAN
Type: DSA-1980
ircd-hybrid/ircd-ratbox -- integer underflow/denial of service

Source: CCN
Type: ircd-ratbox Web Page
ircd-ratbox Project

Source: CCN
Type: OSVDB ID: 62150
ircd-ratbox cache.c HELP Command NULL Dereference Remote DoS

Source: CCN
Type: BID-37979
ircd-ratbox 'HELP' Command Denial Of Service Vulnerability

Source: CCN
Type: Red Hat Bugzilla Bug 559382
CVE-2009-4016 CVE-2010-0300 ircd-{hybrid,ratbox}: multiple vulnerabilities

Source: XF
Type: UNKNOWN
ircdratbox-help-dos(55947)

Vulnerable Configuration:

Configuration 1:
  • cpe:/a:ircd-ratbox:ircd-ratbox:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.4:rc1:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.4:rc2:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.5:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:1.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.1.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.1.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:*:*:*:*:*:*:*:* (Version <= 2.2.8)

Configuration CCN 1:
  • cpe:/a:ircd-ratbox:ircd-ratbox:2.0_rc6:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:ircd-ratbox:ircd-ratbox:2.2.8:*:*:*:*:*:*:*
  AND
  • cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions:

Definition ID | Class | Title | Last Modified
oval:org.mitre.oval:def:13188 | P | DSA-1980-1 ircd-hybrid/ircd-ratbox -- integer underflow/denial of service | 2014-06-23
oval:org.mitre.oval:def:7105 | P | DSA-1980 ircd-hybrid/ircd-ratbox -- integer underflow/denial of service | 2014-06-23
oval:com.ubuntu.precise:def:20100300000 | V | CVE-2010-0300 on Ubuntu 12.04 LTS (precise) - medium. | 2010-02-04
oval:com.ubuntu.trusty:def:20100300000 | V | CVE-2010-0300 on Ubuntu 14.04 LTS (trusty) - medium. | 2010-02-04
oval:org.debian:def:1980 | V | integer underflow/denial of service | 2010-01-27