206 matches found
InspIRCd: Information disclosure
Background InspIRCd is a modular Internet Relay Chat IRC server written in C++ which was created from scratch to be stable, modern and lightweight. Description InspIRCd incorrectly handled malformed PONG messages, resulting in access of freed memory. Impact A remote attacker could send crafted...
Unauthorized Access
InspIRCd allows unauthorized access.Any user is able to access recently deallocated memory via a malformed PONG issue...
DEBIAN-CVE-2021-33586
InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user able to connect to the server to access recently deallocated memory, aka the "malformed PONG" issue...
Code injection
InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user able to connect to the server to access recently deallocated memory, aka the "malformed PONG" issue...
UBUNTU-CVE-2021-33586
InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user able to connect to the server to access recently deallocated memory, aka the "malformed PONG" issue...
CVE-2021-33586
CVE-2021-33586 affects InspIRCd 3.8.0 through 3.9.x prior to 3.10.0, where malformed PONG handling allows a connected remote user to access recently deallocated memory. The issue is described as an information exposure/memory access vulnerability in the server’s handling of PONG messages. Several...
InspIRCd 安全漏洞
InspIRCd is a modular Internet Relay Chat IRC server written in c++ for Linux, BSD, Windows and macOS systems! A security vulnerability exists in InspIRCd versions 3.8.0 through 3.9.x prior to 3.10.0, which allows any user capable of connecting to the server to access recently freed memory...
FreeBSD : InspIRCd websocket module double free vulnerability (53e9efa1-4be7-11eb-8558-3085a9a47796)
The InspIRCd development team reports : The websocket module before v3.8.1 contains a double free vulnerability. When combined with a HTTP reverse proxy this vulnerability can be used by any user who is GKZ-lined to remotely crash an InspIRCd server. C Tenable Network Security, Inc. The descripti...
Debian DSA-4764-1 : inspircd - security update
Two security issues were discovered in the pgsql and mysql modules of the InspIRCd IRC daemon, which could result in denial of service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4764. The text itself is...
Debian DLA-2375-1 : inspircd security update
Two security issues were discovered in the modules of the InspIRCd IRC daemon, which could result in denial of service. CVE-2019-20917 mysql module before v3.3.0 contains a NULL pointer dereference when built against mariadb-connector-c. When combined with the sqlauth or sqloper modules this...
Debian: Security Advisory (DLA-2375-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2375-1] inspircd security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2375-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA September 19, 2020 https://wiki.debian.org/LTS -...
Debian: Security Advisory (DSA-4764-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DLA-2375-1 inspircd - security update
Bulletin has no description...
[SECURITY] [DSA 4764-1] inspircd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4764-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 18, 2020 https://www.debian.org/security/faq -...
DSA-4764-1 inspircd - security update
Bulletin has no description...
CVE-2019-20918
An issue was discovered in InspIRCd 3 before 3.1.0. The silence module contains a use after free vulnerability. This vulnerability can be used for remote crashing of an InspIRCd server by any user able to fully connect to a server...
DEBIAN-CVE-2020-25269
An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before 3.6.0. The pgsql module contains a use after free vulnerability. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server...
CVE-2020-25269
An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before 3.6.0. The pgsql module contains a use after free vulnerability. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server...
CVE-2019-20917
An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd...