Lucene search
K

206 matches found

Prion
Prion
added 2016/09/26 3:59 p.m.23 views

Authentication flaw

The msasl module in InspIRCd before 2.0.23, when used with a service that supports SASLEXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message...

4.3CVSS6.8AI score0.0108EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2016/09/26 3:59 p.m.3 views

UBUNTU-CVE-2016-7142

The msasl module in InspIRCd before 2.0.23, when used with a service that supports SASLEXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message...

5.9CVSS6.3AI score0.0108EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2016/09/26 3:59 p.m.111 views

CVE-2016-7142

The msasl module in InspIRCd before 2.0.23, when used with a service that supports SASLEXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message...

5.9CVSS6.3AI score0.0108EPSS
Exploits0References4
CVE
CVE
added 2016/09/26 3:0 p.m.73 views

CVE-2016-7142

CVE-2016-7142 describes an authentication spoofing flaw in the InspIRCd m_sasl module prior to 2.0.23 when used with a SASL_EXTERNAL service. A remote attacker can craft a SASL message to spoof certificate fingerprints and log in as another user. Multiple connected sources (OSV entries and NVD) c...

5.9CVSS5.4AI score0.0108EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2016/09/26 3:0 p.m.20 views

CVE-2016-7142

The msasl module in InspIRCd before 2.0.23, when used with a service that supports SASLEXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message...

5.4AI score0.0108EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2016/09/26 3:0 p.m.18 views

CVE-2016-7142

The msasl module in InspIRCd before 2.0.23, when used with a service that supports SASLEXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message...

5.9CVSS5.5AI score0.0108EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/09/09 12:0 a.m.20 views

Debian DSA-3662-1 : inspircd - security update

It was discovered that incorrect SASL authentication in the Inspircd IRC server may lead to users impersonating other users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3662. The text...

5.9CVSS6.2AI score0.0108EPSS
Exploits0References3
Debian
Debian
added 2016/09/08 5:42 p.m.23 views

[SECURITY] [DSA 3662-1] inspircd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3662-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 08, 2016 https://www.debian.org/security/faq -...

5.9CVSS5.6AI score0.0108EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2016/09/08 12:0 a.m.1 views

PT-2016-7233 · Inspircd +2 · Inspircd +2

Name of the Vulnerable Software and Affected Versions: InspIRCd versions prior to 2.0.23 Description: The issue allows remote attackers to spoof certificate fingerprints, enabling them to log in as another user by sending a crafted SASL message when the m sasl module is used with a service that...

6.8CVSS5.9AI score0.02787EPSS
Exploits0References24
OpenVAS
OpenVAS
added 2016/09/08 12:0 a.m.18 views

Debian Security Advisory DSA 3662-1 (inspircd - security update)

It was discovered that incorrect SASL authentication in the Inspircd IRC server may lead to users impersonating other users. OpenVAS Vulnerability Test $Id: deb3662.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3662-1 using nvtgen 1.0 Script version: 1.0 Author:...

4.3CVSS0.3AI score0.0108EPSS
Exploits0References1
OSV
OSV
added 2016/09/08 12:0 a.m.15 views

DSA-3662-1 inspircd - security update

Bulletin has no description...

5.9CVSS5.6AI score0.0108EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/09/08 12:0 a.m.18 views

FreeBSD : inspircd -- authentication bypass vulnerability (70c85c93-743c-11e6-a590-14dae9d210b8)

Adam reports : A serious vulnerability exists in when using msasl in combination with any services that support SASL EXTERNAL. To be vulnerable you must have msasl loaded, and have services which support SASL EXTERNAL authentication. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

5.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2016/09/07 12:0 a.m.22 views

Debian: Security Advisory (DSA-3662-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.0108EPSS
Exploits0References3
CNVD
CNVD
added 2016/09/06 12:0 a.m.5 views

Inspircd SSL Certificate Spoofing Vulnerability

InspIRCd is an extensible and modular Internet Relay Chat IRC server written in C++ for Linux, BSD, Windows and Mac OS X systems. Inspircd suffers from a security vulnerability. An attacker can exploit this vulnerability to spoof valid certificates...

5.9CVSS6.8AI score0.0108EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/09/03 12:0 a.m.12 views

inspircd -- authentication bypass vulnerability

Adam reports: A serious vulnerability exists in when using msasl in combination with any services that support SASL EXTERNAL. To be vulnerable you must have msasl loaded, and have services which support SASL EXTERNAL authentication...

2.3AI score
Exploits0References1
NVD
NVD
added 2016/04/12 2:59 p.m.11 views

CVE-2015-8702

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...

8.6CVSS8.2AI score0.02282EPSS
Exploits1References5
OSV
OSV
added 2016/04/12 2:59 p.m.7 views

CVE-2015-8702

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...

8.6CVSS8.2AI score
Exploits0References5
OSV
OSV
added 2016/04/12 2:59 p.m.2 views

DEBIAN-CVE-2015-8702

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...

8.6CVSS8.2AI score0.02282EPSS
Exploits1References1
OSV
OSV
added 2016/04/12 2:59 p.m.4 views

UBUNTU-CVE-2015-8702

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...

8.6CVSS7.3AI score0.02282EPSS
Exploits1References4
Prion
Prion
added 2016/04/12 2:59 p.m.16 views

Default credentials

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...

7.8CVSS6.9AI score0.02282EPSS
Exploits1References5Affected Software2
Rows per page
Query Builder