VULHUB ™

Behamut IRCd has been reported prone to remotely exploitable format string vulnerability. The issue presents itself when Behamut is compiled with DEBUGMODE defined. Reportedly a remote attacker may send malicious format specifiers to trigger an error. By passing specially crafted format specifiers through the IRC session, a remote attacker could potentially corrupt process memory and may have the ability to execute arbitrary code with the privileges of the affected daemon. It should be noted that IRC daemons that are derived from the Behamut source have also been reported vulnerable.

Behamut IRCd has been reported prone to remotely exploitable format string vulnerability. The issue presents itself when Behamut is compiled with DEBUGMODE defined. Reportedly a remote attacker may send malicious format specifiers to trigger an error. By passing specially crafted format specifiers through the IRC session, a remote attacker could potentially corrupt process memory and may have the ability to execute arbitrary code with the privileges of the affected daemon. It should be noted that IRC daemons that are derived from the Behamut source have also been reported vulnerable.