Lucene search
K

176 matches found

BDU FSTEC
BDU FSTEC
added 2019/08/20 12:0 a.m.7 views

The vulnerabilities in the LoadModule, GetModInfo, and GetModPathInfo functions from src/Modules.cpp of the client disconnection mechanism from the IRC server or the selected channel allow a malicious user to elevate their privileges and execute arbitrary code.

The vulnerabilities of the LoadModule, GetModInfo, and GetModPathInfo functions in src/Modules.cpp, which allow for disabling clients from connecting to IRC servers or the selected channel, are related to a lack of mechanism for controlling user privileges. Exploiting these vulnerabilities could...

9CVSS6AI score0.04127EPSS
Exploits0References3Affected Software2
ArchLinux
ArchLinux
added 2019/07/01 12:0 a.m.36 views

[ASA-201907-1] irssi: arbitrary code execution

Arch Linux Security Advisory ASA-201907-1 ========================================= Severity: High Date : 2019-07-01 CVE-ID : CVE-2019-13045 Package : irssi Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-999 Summary ======= The package irssi before version...

8.1CVSS1.8AI score0.03333EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2018/02/16 7:49 p.m.29 views

CVE-2018-7050

A NULL pointer dereference was found in Irssi when an "empty" nick joins a channel. A remote attacker, who can control an IRC server, could crash IRC clients by leveraging this vulnerability...

7.5CVSS3.2AI score0.02351EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2018/02/16 4:49 p.m.31 views

CVE-2018-7053

A use-after-free was found in the way Irssi, version 0.8.18 and later, handled out of order SASL messages sent by an IRC server. A remote attacker, who controls an IRC server, could crash the application by exploiting this flaw...

9.8CVSS2.9AI score0.0245EPSS
Exploits0References1
Mageia
Mageia
added 2018/01/12 7:49 p.m.36 views

Updated irssi packages fix security vulnerabilities

Joseph Bisch discovered that Irssi incorrectly handled incomplete escape codes. If a user were tricked into using malformed commands or opening malformed files, an attacker could use this issue to cause Irssi to crash, resulting in a denial of service CVE-2018-5205. Joseph Bisch discovered that...

9.8CVSS2.5AI score0.02439EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/01/11 12:0 a.m.30 views

Ubuntu 14.04 LTS / 16.04 LTS : Irssi vulnerabilities (USN-3527-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3527-1 advisory. Joseph Bisch discovered that Irssi incorrectly handled incomplete escape codes. If a user were tricked into using malformed commands or openi...

9.8CVSS8.6AI score0.02439EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2017/06/07 9:37 a.m.29 views

CVE-2017-9468

A null pointer dereference was found in the way irssi handles DCC messages that do not contain a source nick/host. A malicious IRC server could be used to crash an irssi client by sending a specially crafted DCC message...

7.5CVSS2.5AI score0.03248EPSS
Exploits0References2
CVE
CVE
added 2017/03/07 3:0 p.m.39 views

CVE-2016-7145

The CVE-2016-7145 entry describes a vulnerability in the nefarious2 IRC daemon where the m_authenticate function (ircd/m_authenticate.c) can be abused by remote attackers to spoof certificate fingerprints and log in as another user via a crafted AUTHENTICATE parameter. This is a client-authentica...

9.8CVSS9AI score0.00887EPSS
Exploits0References2Affected Software1
Mageia
Mageia
added 2017/02/07 1:34 p.m.11 views

Updated irssi-otr packages fix security vulnerability

It was discovered that irssi-otr had a flaw in handing data returned by libotr. After the initiation of the OTR session only the first line was sent as a PRIVMSG, while additional data would be sent as raw commands to the IRC server. The additional data would ordinarily be a human-readable...

2.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/09/09 12:0 a.m.20 views

Debian DSA-3662-1 : inspircd - security update

It was discovered that incorrect SASL authentication in the Inspircd IRC server may lead to users impersonating other users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3662. The text...

5.9CVSS6.2AI score0.0108EPSS
Exploits0References3
OSV
OSV
added 2016/09/08 12:0 a.m.14 views

DSA-3662-1 inspircd - security update

Bulletin has no description...

5.9CVSS5.6AI score0.0108EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/09/08 12:0 a.m.21 views

Debian DSA-3661-1 : charybdis - security update

It was discovered that incorrect SASL authentication in the Charybdis IRC server may lead to users impersonating other users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3661. The text...

8.1CVSS7.3AI score0.0106EPSS
Exploits0References3
Debian
Debian
added 2016/09/06 8:14 p.m.18 views

[SECURITY] [DSA 3661-1] charybdis security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3661-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 06, 2016 https://www.debian.org/security/faq -...

8.1CVSS8.1AI score0.0106EPSS
Exploits0
OSV
OSV
added 2016/09/06 12:0 a.m.16 views

DSA-3661-1 charybdis - security update

Bulletin has no description...

8.1CVSS7.9AI score0.0106EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/09/06 12:0 a.m.28 views

Debian Security Advisory DSA 3661-1 (charybdis - security update)

It was discovered that incorrect SASL authentication in the Charybdis IRC server may lead to users impersonating other users. OpenVAS Vulnerability Test $Id: deb3661.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3661-1 using nvtgen 1.0 Script version: 1.0 Author:...

6.8CVSS0.2AI score0.0106EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/09/05 12:0 a.m.22 views

Debian: Security Advisory (DSA-3661-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.2AI score0.0106EPSS
Exploits0References3
Gentoo Linux
Gentoo Linux
added 2015/12/30 12:0 a.m.44 views

InspIRCd: Multiple vulnerabilities

Background InspIRCd is a modular Internet Relay Chat IRC server written in C++ which was created from scratch to be stable, modern and lightweight. Description Multiple vulnerabilities have been discovered in InspIRCd. Please review the CVE identifiers referenced below for details. Impact A remot...

9.8CVSS9.1AI score0.02282EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2015/10/30 10:29 a.m.18 views

CVE-2006-6811

KsIRC 1.3.12 allows remote attackers to cause a denial of service crash via a long PRIVMSG string when connecting to an Internet Relay Chat IRC server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a buffer overflow...

6.5CVSS7.4AI score0.09993EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2015/10/30 10:17 a.m.16 views

CVE-2007-4584

Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the pmode variable...

10CVSS8.3AI score0.14686EPSS
Exploits0References3
n0where
n0where
added 2015/09/23 5:32 p.m.620 views

Bash: How to open TCP/UDP sockets

How to open TCP/UDP sockets using a built-in feature in Bash ? Bash shell has a built-in feature that allows to open TCP/UDP sockets using a simple syntax. This is very useful when tools like netcat are not installed or we don’t have the permission to use it. The syntax is $ exec...

7AI score
Exploits0
Rows per page
Query Builder