9 matches found
InspIRCd < 2.0.23 'm_sasl' Module SASL_EXTERNAL Authentication Spoofing Vulnerability
InspIRCd is prone to an authentication spoofing vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...
CVE-2016-7142
The msasl module in InspIRCd before 2.0.23, when used with a service that supports SASLEXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message...
CVE-2016-7142
The msasl module in InspIRCd before 2.0.23, when used with a service that supports SASLEXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message...
DEBIAN-CVE-2016-7142
The msasl module in InspIRCd before 2.0.23, when used with a service that supports SASLEXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message...
Authentication flaw
The msasl module in InspIRCd before 2.0.23, when used with a service that supports SASLEXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message...
CVE-2016-7142
The msasl module in InspIRCd before 2.0.23, when used with a service that supports SASLEXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message...
CVE-2016-7142
The msasl module in InspIRCd before 2.0.23, when used with a service that supports SASLEXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message...
CVE-2016-7142
CVE-2016-7142 describes an authentication spoofing flaw in the InspIRCd m_sasl module prior to 2.0.23 when used with a SASL_EXTERNAL service. A remote attacker can craft a SASL message to spoof certificate fingerprints and log in as another user. Multiple connected sources (OSV entries and NVD) c...
FreeBSD : inspircd -- authentication bypass vulnerability (70c85c93-743c-11e6-a590-14dae9d210b8)
Adam reports : A serious vulnerability exists in when using msasl in combination with any services that support SASL EXTERNAL. To be vulnerable you must have msasl loaded, and have services which support SASL EXTERNAL authentication. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...