4 matches found
CVE-2016-7143
The mauthenticate function in modules/msasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter...
CVE-2016-7143
CVE-2016-7143 affects the Charybdis IRC daemon (m_authenticate in modules/m_sasl.c) prior to version 3.5.3. The vulnerability lets remote attackers spoof certificate fingerprints and log in as another user via a crafted AUTHENTICATE parameter, with impact described as partial confidentiality/inte...
Debian DSA-3661-1 : charybdis - security update
It was discovered that incorrect SASL authentication in the Charybdis IRC server may lead to users impersonating other users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3661. The text...
[SECURITY] [DSA 3661-1] charybdis security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3661-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 06, 2016 https://www.debian.org/security/faq -...