CVE-2005-2763 (vulnerable 0.3.5 - fixed 0.4.5)

Short description: Multiple format string vulnerabilities

Official CVE-2005-2763 entry at cve.mitre.org.

Related bug reports:

  • There are no related bugs.

Related commits:

Patches: (sometimes more fuzz is needed to apply them)

Format string vulnerabilities where the client's name or leave message would be interpreted as a format string. This can cause crashes of the server, i.e. denial of service, or possibly execution of arbitrary code.

Note that this is a partial backport of trunk r2899.