Lucene search

[email protected]CVE-2023-50784

HistoryDec 16, 2023 - 11:15 p.m.

CVE-2023-50784

2023-12-1623:15:40

CWE-120

[email protected]

web.nvd.nist.gov

cve-2023-50784

buffer overflow

websockets

unrealircd

remote code execution

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

56.9%

JSON

A buffer overflow in websockets in UnrealIRCd 6.1.0 through 6.1.3 before 6.1.4 allows an unauthenticated remote attacker to crash the server by sending an oversized packet (if a websocket port is open). Remote code execution might be possible on some uncommon, older platforms.

Affected configurations

NVD

Node

unrealircdunrealircdRange6.1.0–6.1.4

CPENameOperatorVersion
unrealircd:unrealircdunrealircdlt6.1.4

CPE	Name	Operator	Version
unrealircd:unrealircd	unrealircd	lt	6.1.4

References

forums.unrealircd.org/viewtopic.php?t=9340

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6TFYPQOKYRGPEAKOWSO6PSCBV6LUR3/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZT7QU4FCQBHYOYVD7FW5QAWNAQCSGLA/

www.unrealircd.org/index/news

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

56.9%

JSON

Related for CVE-2023-50784

openvas2 fedora2 nessus2 nvd1 prion1 cvelist1