Ubuntu: Security Advisory (USN-6761-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6761-1: Anope vulnerability

It was discovered that Anope did not properly process credentials for suspended accounts. An attacker could possibly use this issue to normally login to the platform as a suspended user after changing their password...

USN-6761-1 anope vulnerability

It was discovered that Anope did not properly process credentials for suspended accounts. An attacker could possibly use this issue to normally login to the platform as a suspended user after changing their password...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS. : Anope vulnerability (USN-6761-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS. host has a package installed that is affected by a vulnerability as referenced in the USN-6761-1 advisory. It was discovered that Anope did not properly process credentials for suspended accounts. An attacker cou...

Improper Access Control

Anope is vulnerable to password reset of suspended accounts. The vulnerability is due to a lack of prevention mechanisms in versions before 2.0.15, allowing the resetting of passwords for suspended accounts...

CVE-2024-30187

Anope before 2.0.15 does not prevent resetting the password of a suspended account...

CVE-2024-30187

Anope before 2.0.15 does not prevent resetting the password of a suspended account...

DEBIAN-CVE-2024-30187

Anope before 2.0.15 does not prevent resetting the password of a suspended account...

UBUNTU-CVE-2024-30187

Anope before 2.0.15 does not prevent resetting the password of a suspended account...

CVE-2024-30187

Anope before 2.0.15 does not prevent resetting the password of a suspended account...

CVE-2024-30187

Summary: CVE-2024-30187 affects Anope prior to 2.0.15, where credentials for suspended accounts are not handled securely, enabling password resets to compromise login for suspended users. The issue is documented across multiple feeds (NVD, OSV, Ubuntu USN). What’s affected: Anope 2.0.14 and earli...

CVE-2024-30187

Anope before 2.0.15 does not prevent resetting the password of a suspended account...

CVE-2024-30187

Anope before 2.0.15 does not prevent resetting the password of a suspended account...

CVE-2024-30187

Anope before 2.0.15 does not prevent resetting the password of a suspended account...

PT-2024-23238 · Anope +3 · Anope +3

Name of the Vulnerable Software and Affected Versions: Anope versions prior to 2.0.15 Description: The issue allows resetting the password of a suspended account. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where th...

Anope 安全漏洞

Anope is a set of open source IRC services open sourced by Anope IRC Services. A security vulnerability exists in Anope versions prior to 2.0.15, which stems from a vulnerability that does not prevent an attacker from resetting the password of a suspended account...

SUSE CVE-2014-9773

modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the 1 LIST, 2 CLEAR, or 3 MODIFY keyword nicks...

CVE-2014-9773

modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the 1 LIST, 2 CLEAR, or 3 MODIFY keyword nicks...

DEBIAN-CVE-2014-9773

modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the 1 LIST, 2 CLEAR, or 3 MODIFY keyword nicks...

Code injection

modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the 1 LIST, 2 CLEAR, or 3 MODIFY keyword nicks...