CVE-2010-2785 (GCVE-0-2010-2785)

Vulnerability from cvelistv5 – Published: 2010-08-02 19:00 – Updated: 2024-08-07 02:46
VLAI?
Summary
The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \r and \40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://bugs.gentoo.org/show_bug.cgi?id=330111 x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
http://secunia.com/advisories/40796 third-party-advisoryx_refsource_SECUNIA
http://www.osvdb.org/66648 vdb-entryx_refsource_OSVDB
https://svn.kvirc.de/kvirc/changeset/4693 x_refsource_CONFIRM
http://marc.info/?l=oss-security&m=128041011428629&w=2 mailing-listx_refsource_MLIST
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
http://openwall.com/lists/oss-security/2010/07/28/1 mailing-listx_refsource_MLIST
http://secunia.com/advisories/40727 third-party-advisoryx_refsource_SECUNIA
https://svn.kvirc.de/kvirc/ticket/858 x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:46:48.031Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=330111"
          },
          {
            "name": "FEDORA-2010-11524",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044643.html"
          },
          {
            "name": "40796",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40796"
          },
          {
            "name": "66648",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/66648"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://svn.kvirc.de/kvirc/changeset/4693"
          },
          {
            "name": "[oss-security] 20100729 Re: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=oss-security\u0026m=128041011428629\u0026w=2"
          },
          {
            "name": "SUSE-SR:2010:014",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
          },
          {
            "name": "[oss-security] 20100728 CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/07/28/1"
          },
          {
            "name": "40727",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40727"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://svn.kvirc.de/kvirc/ticket/858"
          },
          {
            "name": "FEDORA-2010-11506",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044625.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-07-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \\ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \\r and \\40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-09-09T09:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=330111"
        },
        {
          "name": "FEDORA-2010-11524",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044643.html"
        },
        {
          "name": "40796",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40796"
        },
        {
          "name": "66648",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/66648"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://svn.kvirc.de/kvirc/changeset/4693"
        },
        {
          "name": "[oss-security] 20100729 Re: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=oss-security\u0026m=128041011428629\u0026w=2"
        },
        {
          "name": "SUSE-SR:2010:014",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
        },
        {
          "name": "[oss-security] 20100728 CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/07/28/1"
        },
        {
          "name": "40727",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40727"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://svn.kvirc.de/kvirc/ticket/858"
        },
        {
          "name": "FEDORA-2010-11506",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044625.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2010-2785",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \\ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \\r and \\40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=330111",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=330111"
            },
            {
              "name": "FEDORA-2010-11524",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044643.html"
            },
            {
              "name": "40796",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40796"
            },
            {
              "name": "66648",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/66648"
            },
            {
              "name": "https://svn.kvirc.de/kvirc/changeset/4693",
              "refsource": "CONFIRM",
              "url": "https://svn.kvirc.de/kvirc/changeset/4693"
            },
            {
              "name": "[oss-security] 20100729 Re: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
              "refsource": "MLIST",
              "url": "http://marc.info/?l=oss-security\u0026m=128041011428629\u0026w=2"
            },
            {
              "name": "SUSE-SR:2010:014",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
            },
            {
              "name": "[oss-security] 20100728 CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted CTCP parameter",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2010/07/28/1"
            },
            {
              "name": "40727",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40727"
            },
            {
              "name": "https://svn.kvirc.de/kvirc/ticket/858",
              "refsource": "CONFIRM",
              "url": "https://svn.kvirc.de/kvirc/ticket/858"
            },
            {
              "name": "FEDORA-2010-11506",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044625.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-2785",
    "datePublished": "2010-08-02T19:00:00",
    "dateReserved": "2010-07-22T00:00:00",
    "dateUpdated": "2024-08-07T02:46:48.031Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-2785\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2010-08-02T20:40:01.560\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \\\\ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \\\\r and \\\\40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452.\"},{\"lang\":\"es\",\"value\":\"El componente RC Protocol en KVIrc 3.x y 4.x, en versiones anteriores a la r4693, no maneja adecuadamente caracteres \\\\ (barra invertida), lo que permite a usuarios locales autenticados ejecutar comandos CTCP de su elecci\u00f3n mediante vectores relacionados con secuencias \\\\r and \\\\40, una vulnerabilidad diferente a CVE-2010-2451 y CVE-2010-2452.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kvirc:kvirc:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24A0A10B-8DDC-4C5C-9E71-DE35B5AD4F6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kvirc:kvirc:3.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A97539C0-DAFD-4187-9A31-93F3AF850588\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kvirc:kvirc:3.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB5277BA-B51B-4086-960A-3351EAB9ACA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kvirc:kvirc:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37C39663-F342-4115-B3D5-F97D3525A95A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kvirc:kvirc:3.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B91ED333-CB47-401A-894B-4A1CF5AED8E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kvirc:kvirc:3.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6742F39-882E-47E3-A375-B43C7ED771C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kvirc:kvirc:3.4.2:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D0F8E8D-E1B3-4838-A7E5-9D1678E848CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kvirc:kvirc:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63A25E20-68DF-4075-95D7-7652A7E2085B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kvirc:kvirc:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6CEC61C-E71C-4B70-B127-26E2DE2BB27F\"}]}]}],\"references\":[{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=330111\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044625.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044643.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=oss-security\u0026m=128041011428629\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2010/07/28/1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://secunia.com/advisories/40727\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/40796\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/66648\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://svn.kvirc.de/kvirc/changeset/4693\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://svn.kvirc.de/kvirc/ticket/858\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=330111\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044625.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044643.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=oss-security\u0026m=128041011428629\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2010/07/28/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://secunia.com/advisories/40727\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/40796\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/66648\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://svn.kvirc.de/kvirc/changeset/4693\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://svn.kvirc.de/kvirc/ticket/858\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.