Lucene search
K

206 matches found

Gentoo Linux
Gentoo Linux
added 2021/07/09 12:0 a.m.72 views

InspIRCd: Information disclosure

Background InspIRCd is a modular Internet Relay Chat IRC server written in C++ which was created from scratch to be stable, modern and lightweight. Description InspIRCd incorrectly handled malformed PONG messages, resulting in access of freed memory. Impact A remote attacker could send crafted...

4.3CVSS2.4AI score0.0089EPSS
Exploits0
Veracode
Veracode
added 2021/05/28 2:24 p.m.19 views

Unauthorized Access

InspIRCd allows unauthorized access.Any user is able to access recently deallocated memory via a malformed PONG issue...

4.3CVSS4.9AI score0.0089EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/05/27 5:15 a.m.3 views

DEBIAN-CVE-2021-33586

InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user able to connect to the server to access recently deallocated memory, aka the "malformed PONG" issue...

4.3CVSS4.9AI score0.0089EPSS
Exploits0References1
Prion
Prion
added 2021/05/27 5:15 a.m.11 views

Code injection

InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user able to connect to the server to access recently deallocated memory, aka the "malformed PONG" issue...

4CVSS4.5AI score0.0089EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/05/27 5:15 a.m.2 views

UBUNTU-CVE-2021-33586

InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user able to connect to the server to access recently deallocated memory, aka the "malformed PONG" issue...

4.3CVSS5.8AI score0.0089EPSS
Exploits0References4
CVE
CVE
added 2021/05/27 5:0 a.m.114 views

CVE-2021-33586

CVE-2021-33586 affects InspIRCd 3.8.0 through 3.9.x prior to 3.10.0, where malformed PONG handling allows a connected remote user to access recently deallocated memory. The issue is described as an information exposure/memory access vulnerability in the server’s handling of PONG messages. Several...

4.3CVSS4.4AI score0.0089EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2021/05/27 12:0 a.m.6 views

InspIRCd 安全漏洞

InspIRCd is a modular Internet Relay Chat IRC server written in c++ for Linux, BSD, Windows and macOS systems! A security vulnerability exists in InspIRCd versions 3.8.0 through 3.9.x prior to 3.10.0, which allows any user capable of connecting to the server to access recently freed memory...

4.3CVSS5.1AI score0.0089EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/01/04 12:0 a.m.19 views

FreeBSD : InspIRCd websocket module double free vulnerability (53e9efa1-4be7-11eb-8558-3085a9a47796)

The InspIRCd development team reports : The websocket module before v3.8.1 contains a double free vulnerability. When combined with a HTTP reverse proxy this vulnerability can be used by any user who is GKZ-lined to remotely crash an InspIRCd server. C Tenable Network Security, Inc. The descripti...

5.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/09/21 12:0 a.m.26 views

Debian DSA-4764-1 : inspircd - security update

Two security issues were discovered in the pgsql and mysql modules of the InspIRCd IRC daemon, which could result in denial of service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4764. The text itself is...

6.8CVSS6AI score0.02787EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/09/21 12:0 a.m.24 views

Debian DLA-2375-1 : inspircd security update

Two security issues were discovered in the modules of the InspIRCd IRC daemon, which could result in denial of service. CVE-2019-20917 mysql module before v3.3.0 contains a NULL pointer dereference when built against mariadb-connector-c. When combined with the sqlauth or sqloper modules this...

6.8CVSS6.1AI score0.02787EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/09/21 12:0 a.m.13 views

Debian: Security Advisory (DLA-2375-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.6AI score0.02787EPSS
Exploits0References4
Debian
Debian
added 2020/09/20 5:13 a.m.54 views

[SECURITY] [DLA 2375-1] inspircd security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2375-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA September 19, 2020 https://wiki.debian.org/LTS -...

6.8CVSS7AI score0.02787EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/09/20 12:0 a.m.15 views

Debian: Security Advisory (DSA-4764-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.6AI score0.02787EPSS
Exploits0References4
OSV
OSV
added 2020/09/19 12:0 a.m.18 views

DLA-2375-1 inspircd - security update

Bulletin has no description...

6.8CVSS6.3AI score0.02787EPSS
Exploits0
Debian
Debian
added 2020/09/18 5:14 p.m.47 views

[SECURITY] [DSA 4764-1] inspircd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4764-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 18, 2020 https://www.debian.org/security/faq -...

6.8CVSS7AI score0.02787EPSS
Exploits0
OSV
OSV
added 2020/09/18 12:0 a.m.20 views

DSA-4764-1 inspircd - security update

Bulletin has no description...

6.8CVSS6.3AI score0.02787EPSS
Exploits0
NVD
NVD
added 2020/09/11 5:15 a.m.10 views

CVE-2019-20918

An issue was discovered in InspIRCd 3 before 3.1.0. The silence module contains a use after free vulnerability. This vulnerability can be used for remote crashing of an InspIRCd server by any user able to fully connect to a server...

6.8CVSS0.01488EPSS
Exploits0References3
OSV
OSV
added 2020/09/11 5:15 a.m.1 views

DEBIAN-CVE-2020-25269

An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before 3.6.0. The pgsql module contains a use after free vulnerability. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server...

6.5CVSS6.1AI score0.02686EPSS
Exploits0References1
NVD
NVD
added 2020/09/11 5:15 a.m.26 views

CVE-2020-25269

An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before 3.6.0. The pgsql module contains a use after free vulnerability. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server...

6.8CVSS0.02686EPSS
Exploits0References5
NVD
NVD
added 2020/09/11 5:15 a.m.21 views

CVE-2019-20917

An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd...

6.8CVSS0.02787EPSS
Exploits0References5
Rows per page
Query Builder