15 matches found
EUVD-2007-4391
Malware in sbrugna...
EUVD-2007-4390
Malware in sbrugna...
CVE-2020-15251
In the Channelmgnt plug-in for Sopel a Python IRC bot before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2...
VulnCheck KEV: CVE-2020-15251
In the Channelmgnt plug-in for Sopel a Python IRC bot before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2...
UBUNTU-CVE-2020-15251
In the Channelmgnt plug-in for Sopel a Python IRC bot before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2...
PYSEC-2020-110
In the Channelmgnt plug-in for Sopel a Python IRC bot before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2...
Code injection
ircu 2.10.12.05 and earlier ignores timestamps in bounces, which allows remote attackers to take over a channel during a netjoin by causing a bounce while a server with an older version of the channel is linking...
CVE-2007-4407
ircu 2.10.12.03 and 2.10.12.04 does not associate a timestamp with ops privilege on an unused channel zannel, which allows remote attackers to 1 set or remove certain channel modes via a "netriding" attack or 2 take over a channel by joining an unlinked server with the A/Upass and then setting a...
CVE-2007-4408
ircu 2.10.12.05 and earlier ignores timestamps in bounces, which allows remote attackers to take over a channel during a netjoin by causing a bounce while a server with an older version of the channel is linking...
DEBIAN-CVE-2007-4408
ircu 2.10.12.05 and earlier ignores timestamps in bounces, which allows remote attackers to take over a channel during a netjoin by causing a bounce while a server with an older version of the channel is linking...
CVE-2007-4408
ircu 2.10.12.05 and earlier ignores timestamps in bounces, which allows remote attackers to take over a channel during a netjoin by causing a bounce while a server with an older version of the channel is linking...
CVE-2007-4408
ircu 2.10.12.05 and earlier ignores timestamps in bounces, which allows remote attackers to take over a channel during a netjoin by causing a bounce while a server with an older version of the channel is linking...
CVE-2007-4407
CVE-2007-4407 affects ircu versions 2.10.12.03 and 2.10.12.04. The flaw does not associate a timestamp with ops privilege on an unused channel (zannel), enabling remote attackers to manipulate channel modes via a netriding attack or to take over a channel by joining an unlinked server with A/Upas...
Debian DSA-099-1 : xchat - IRC session hijacking
zen-parse found a vulnerability in the XChat IRC client that allows an attacker to take over the users IRC session. It is possible to trick XChat IRC clients into sending arbitrary commands to the IRC server they are on, potentially allowing social engineering attacks, channel takeovers, and deni...
Mandrake Linux Security Advisory : xchat (MDKSA-2002:006)
zen-parse discovered a problem in versions 1.4.2 and 1.4.3 of xchat that could allow a malicious user to send commands to the IRC server they are on which would take advantage of the CTCP PING reply handler in xchat. This could be used for denial of service, channel takeovers, and other similar...