Lucene search

PRIOn knowledge basePRION:CVE-2007-6122

HistoryNov 26, 2007 - 10:46 p.m.

Information disclosure

2007-11-2622:46:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.095 Low

EPSS

Percentile

94.6%

JSON

The default_encrypt function in encrypt.c in IRC Services before 5.0.63, and 5.1.x before 5.1.7, allows remote attackers to cause a denial of service (daemon crash) via a long password. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
irc_servicesle5.1.7
irc_servicesle5.0.62

CPE	Name	Operator	Version
	irc_services	le	5.1.7
	irc_services	le	5.0.62

References

bugs.gentoo.org/show_bug.cgi?id=199897

lists.ircservices.za.net/pipermail/ircservices/2007/005558.html

lists.ircservices.za.net/pipermail/ircservices/2007/005564.html

secunia.com/advisories/27761

secunia.com/advisories/28090

security.gentoo.org/glsa/glsa-200712-12.xml

www.ircservices.za.net/Changes.txt

www.securityfocus.com/bid/26517

www.vupen.com/english/advisories/2007/3959

exchange.xforce.ibmcloud.com/vulnerabilities/38591

6.6 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.095 Low

EPSS

Percentile

94.6%

JSON

Related for PRION:CVE-2007-6122