14 matches found
SIRCD Server 0.5.2/0.5.3 Operator Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9097/info sircd has been reported prone to a privilege escalation vulnerability. It has been reported that any user logged on to the sircd server, may set their usermode to +o, or operator mode. An attacker may exploit th...
FreeBSD : sircd -- remote operator privilege escalation vulnerability (e92d8f6b-a1c0-11db-9ddc-0011098b2f36)
Secunia reports : A vulnerability has been reported in sircd, which can be exploited by malicious users to gain operator privileges. The problem is that any user reportedly can set their usermode to operator. The vulnerability has been reported in versions 0.5.2 and 0.5.3. Other versions may also...
FreeBSD Ports: sircd
The remote host is missing an update to the system as announced in the referenced advisory. VID e92d8f6b-a1c0-11db-9ddc-0011098b2f36 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: sircd
The remote host is missing an update to the system as announced in the referenced advisory. VID 1374b96c-a1c2-11db-9ddc-0011098b2f36 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: sircd
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: sircd
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2003-1377
CVE-2003-1377 affects Smart IRC Daemon (SIRCD) versions 0.4.0 and 0.4.4. The vulnerability is a buffer overflow in the reverse DNS lookup triggered by a client with a long hostname, allowing remote code execution. The available sources document the affected component and the underlying cause (bou...
FreeBSD : sircd -- remote reverse DNS buffer overflow (1374b96c-a1c2-11db-9ddc-0011098b2f36)
Secunia reports : A vulnerability in sircd can be exploited by a malicious person to compromise a vulnerable system. The vulnerability is caused by a boundary error in the code handling reverse DNS lookups, when a user connects to the service. If the FQDN Fully Qualified Domain Name returned is...
SIRCD: Anyone can set umode +o(oper).
I recently accidentially set my own usermode to +o in SIRCD, MODE nick +o, and hey! I was oper! : Versions affected is atleast 0.5.2 och 0.5.3.. The developer has been informed about this, and I assume that it will be fixed ASAP. Here's a quick fix for those who doesnt have time to wait at least ...
SIRCD Server 0.5.2/0.5.3 - Operator Privilege Escalation
source: https://www.securityfocus.com/bid/9097/info sircd has been reported prone to a privilege escalation vulnerability. It has been reported that any user logged on to the sircd server, may set their usermode to +o, or operator mode. An attacker may exploit this condition to hijack IRC channel...
SIRCD Server 0.5.20.5.3 - Operator Privilege Escalation
SIRCD Server 0.5.20.5.3 - Operator Privilege Escalation source: https://www.securityfocus.com/bid/9097/info sircd has been reported prone to a privilege escalation vulnerability. It has been reported that any user logged on to the sircd server, may set their usermode to +o, or operator mode. An...
sircd -- remote operator privilege escalation vulnerability
Secunia reports: A vulnerability has been reported in sircd, which can be exploited by malicious users to gain operator privileges. The problem is that any user reportedly can set their usermode to operator. The vulnerability has been reported in versions 0.5.2 and 0.5.3. Other versions may also ...
sircd proof-of-concept / advisory
I. BACKGROUND According to the vendor "The 'sircd' project started as an idea from the QuakeNet IRC Network coding team to develop a completely new irc server that had none of the problems of the original ircd, such as instability, scalability issues, redundant, badly written code and other nasty...
sircd -- remote reverse DNS buffer overflow
Secunia reports: A vulnerability in sircd can be exploited by a malicious person to compromise a vulnerable system. The vulnerability is caused by a boundary error in the code handling reverse DNS lookups, when a user connects to the service. If the FQDN Fully Qualified Domain Name returned is...