206 matches found
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : InspIRCd vulnerabilities (USN-7405-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7405-1 advisory. It was discovered that InspIRCd did not correctly handle certificate fingerprints, which could lead to spoofing. A remote attacke...
Debian: Security Advisory (DLA-384-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-276-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2021-33586
InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user able to connect to the server to access recently deallocated memory, aka the "malformed PONG" issue...
SUSE CVE-2022-24976
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence...
The vulnerability of InspIRCd, related to the use of memory after it is freed, allows a hacker to trigger a service failure.
The vulnerability of InspIRCd relates to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of InspIRCd, related to pointer assignment errors, allows a hacker to trigger a service failure.
The vulnerability of InspIRCd relates to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
Security update for atheme (important)
openSUSE Security Update: Security update for atheme Announcement ID: openSUSE-SU-2022:10018-1 Rating: important References: 1174075 1195989 Cross-References: CVE-2022-24976 CVSS scores: CVE-2022-24976 NVD : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: openSUSE Backports...
Denial Of Service (DoS)
Atheme IRC Services is vulnerable to denial of service. When used in conjunction with InspIRCd, it allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence...
CVE-2022-24976
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence...
CVE-2022-24976
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence...
DEBIAN-CVE-2022-24976
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence...
Authentication flaw
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence...
UBUNTU-CVE-2022-24976
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence...
CVE-2022-24976
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence...
CVE-2022-24976
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence...
CVE-2022-24976
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence...
CVE-2022-24976
CVE-2022-24976 affects Atheme IRC Services prior to 7.2.12 when used with InspIRCd, enabling authentication bypass by ending the challenge–response login sequence at a specific point in the IRC handshake. The issue is documented with a fixed release in theme 7.2.12, as shown by multiple advisorie...
CVE-2022-24976
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence...
GLSA-202107-22 : InspIRCd: Information disclosure
The remote host is affected by the vulnerability described in GLSA-202107-22 InspIRCd: Information disclosure InspIRCd incorrectly handled malformed PONG messages, resulting in access of freed memory. Impact : A remote attacker could send crafted packets to the server, possibly allowing them to...