11 matches found
Authentication Bypass
charybdis is vulnerable to authentication bypass. The mauthenticate function in modules/msasl.c allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a malicious AUTHENTICATE parameter...
CVE-2016-7145
The mauthenticate function in ircd/mauthenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter...
CVE-2016-7145
The mauthenticate function in ircd/mauthenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter...
CVE-2016-7144
The mauthenticate function in modules/msasl.c in UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter...
CVE-2016-7144
The mauthenticate function in modules/msasl.c in UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter...
CVE-2016-7144
The CVE-2016-7144 entry relates to UnrealIRCd where the m_authenticate function in modules/m_sasl.c enables remote attackers to spoof certificate fingerprints and log in as another user via a crafted AUTHENTICATE parameter. Affected versions are UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6. Th...
CVE-2016-7143
The mauthenticate function in modules/msasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter...
CVE-2016-7143
The mauthenticate function in modules/msasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter...
CVE-2016-7143
Removed by vendor...
CVE-2016-7143
CVE-2016-7143 affects the Charybdis IRC daemon (m_authenticate in modules/m_sasl.c) prior to version 3.5.3. The vulnerability lets remote attackers spoof certificate fingerprints and log in as another user via a crafted AUTHENTICATE parameter, with impact described as partial confidentiality/inte...
CVE-2016-7143
The mauthenticate function in modules/msasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter...