Universal Ircd: >> Ircu Security Vulnerabilities
ircu 2.10.12.01 allows remote attackers to (1) cause a denial of service (flood wallops) by joining two channels with certain long names that differ in the final character, which triggers a protocol violation and (2) cause a denial of service (daemon crash) via a "J 0:#channel" message on a channel without an apass; and (3) allows remote authenticated operators to cause a denial of service (daemon crash) via a remote "names -D" command.
CVSS Score
7.8
EPSS Score
0.025
Published
2007-08-18
ircu 2.10.12.02 through 2.10.12.04 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by creating a large number of unused channels (zannels).
CVSS Score
7.8
EPSS Score
0.007
Published
2007-08-18
ircu 2.10.12.01 through 2.10.12.04 does not remove ops privilege after a join from a server with an older timestamp (TS), which allows remote attackers to gain control of a channel during a split.
CVSS Score
7.5
EPSS Score
0.006
Published
2007-08-18
ircu 2.10.12.03 and 2.10.12.04 does not associate a timestamp with ops privilege on an unused channel (zannel), which allows remote attackers to (1) set or remove certain channel modes via a "netriding" attack or (2) take over a channel by joining an unlinked server with the A/Upass and then setting a new Apass.
CVSS Score
6.4
EPSS Score
0.007
Published
2007-08-18
ircu 2.10.12.05 and earlier ignores timestamps in bounces, which allows remote attackers to take over a channel during a netjoin by causing a bounce while a server with an older version of the channel is linking.
CVSS Score
5.0
EPSS Score
0.004
Published
2007-08-18
Race condition in ircu 2.10.12.01 through 2.10.12.05 allows remote attackers to set a new Apass during a netburst by arranging for ops privilege to be granted before the mode arrives.
CVSS Score
5.1
EPSS Score
0.007
Published
2007-08-18
ircu 2.10.12.05 and earlier does not properly synchronize a kick action in certain cross scenarios, which allows remote authenticated operators to prevent later kick or de-op actions from non-local ops.
CVSS Score
6.0
EPSS Score
0.005
Published
2007-08-18
ircu 2.10.12.05 and earlier allows remote attackers to discover the hidden IP address of arbitrary +x users via a series of /silence commands with (1) CIDR mask arguments or (2) certain other arguments that represent groups of IP addresses, then monitoring CTCP ping replies.
CVSS Score
4.3
EPSS Score
0.003
Published
2007-08-18