Lucene search
K
Universal IrcdIrcu

8 matches found

CVE
CVE
added 2007/08/18 9:0 p.m.56 views

CVE-2007-4409

CVE-2007-4409 describes a race condition in ircu versions 2.10.12.01–2.10.12.05 that can let remote attackers gain an Apass during a netburst by pre-granting ops privileges before the mode arrives. This is a privilege-change vulnerability in the IRC server component. Impact: potential privilege e...

5.1CVSS6.7AI score0.01335EPSS
CVE
CVE
added 2007/08/18 9:0 p.m.51 views

CVE-2007-4406

CVE-2007-4406 affects ircu 2.10.12.01 through 2.10.12.04. The issue arises because ops privilege is not removed after a join from a server with an older timestamp, enabling remote attackers to gain control of a channel during a split. The available sources confirm the vulnerability details and af...

7.5CVSS7AI score0.01501EPSS
CVE
CVE
added 2007/08/18 9:0 p.m.44 views

CVE-2007-4407

CVE-2007-4407 affects ircu versions 2.10.12.03 and 2.10.12.04. The flaw does not associate a timestamp with ops privilege on an unused channel (zannel), enabling remote attackers to manipulate channel modes via a netriding attack or to take over a channel by joining an unlinked server with A/Upas...

6.4CVSS6.7AI score0.0148EPSS
CVE
CVE
added 2007/08/18 9:0 p.m.44 views

CVE-2007-4410

Affected software: ircu (IRC daemon) versions 2.10.12.05 and earlier. Issue: a synchronization flaw in handling kick actions in certain cross scenarios. Root cause: kick actions are not properly synchronized, enabling remote authenticated operators to block or override subsequent kick or de-op ac...

6CVSS6.2AI score0.01087EPSS
CVE
CVE
added 2007/08/18 9:0 p.m.43 views

CVE-2007-4405

CVE-2007-4405 affects ircu 2.10.12.02 through 2.10.12.04. The issue allows remote attackers to cause a denial of service by creating a large number of unused channels (zannels), consuming memory and bandwidth. All other details, including a confirmed remediation or patch version, are not provided...

7.8CVSS6.7AI score0.01697EPSS
CVE
CVE
added 2007/08/18 9:0 p.m.42 views

CVE-2007-4404

CVE-2007-4404 affects ircu 2.10.12.01. The issue permits remote denial-of-service via: (1) protocol violation when joining two channels with long names differing in the final character (flood wallops); (2) a daemon crash triggered by a "J 0:#channel" message on a channel without an apass; and (3)...

7.8CVSS6.2AI score0.02443EPSS
CVE
CVE
added 2007/08/18 9:0 p.m.41 views

CVE-2007-4408

CVE-2007-4408 affects ircu 2.10.12.05 and earlier. The issue is that ircu ignores timestamps in bounces, enabling remote attackers to take over a channel during a netjoin by causing a bounce while a server with an older version of the channel is linking. The connected documents confirm the affect...

5CVSS6.7AI score0.01291EPSS
CVE
CVE
added 2007/08/18 9:0 p.m.37 views

CVE-2007-4411

CVE-2007-4411 affects ircu 2.10.12.05 and earlier. The issue allows remote attackers to reveal the hidden IP address of arbitrary +x users by issuing a sequence of /silence commands using either (1) CIDR mask arguments or (2) other arguments that map to IP groups, and then observing CTCP ping rep...

4.3CVSS6.9AI score0.01183EPSS