Lucene search
HistoryAug 18, 2007 - 9:17 p.m.
CVE-2007-4408
cve-2007-4408
ircu
netjoin
remote attackers
security vulnerability
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.7 Medium
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.4%
ircu 2.10.12.05 and earlier ignores timestamps in bounces, which allows remote attackers to take over a channel during a netjoin by causing a bounce while a server with an older version of the channel is linking.
Affected configurations
Node
universal_ircdircuRange≤2.10.12.05
| CPE | Name | Operator | Version |
|---|---|---|---|
| universal_ircd:ircu | universal ircd ircu | le | 2.10.12.05 |
Related
ubuntucve
ubuntucve
CVE-2007-4408
2007-08-18 00:00:00
debiancve
debiancve
CVE-2007-4408
2007-08-18 21:17:00
cvelist
cvelist
CVE-2007-4408
2007-08-18 21:00:00
nvd
nvd
CVE-2007-4408
2007-08-18 21:17:00
prion
prion
Code injection
2007-08-18 21:17:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.7 Medium
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.4%
Related for CVE-2007-4408