Irc Services: Security Vulnerabilities
The default_encrypt function in encrypt.c in IRC Services before 5.0.63, and 5.1.x before 5.1.7, allows remote attackers to cause a denial of service (daemon crash) via a long password. NOTE: some of these details are obtained from third party information.
CVSS Score
5.0
EPSS Score
0.016
Published
2007-11-26
Unspecified vulnerability in IRC Services 5.1.8 has unknown impact and attack vectors.
CVSS Score
10.0
EPSS Score
0.004
Published
2007-11-26
IRC Services before 5.0.62, and 5.1 before 5.1pre3, allows remote attackers to disconnect users with guest nicknames by linking a guest nickname to a nickname that is already registered.
CVSS Score
5.0
EPSS Score
0.011
Published
2007-06-15
The do_set_password function in modules/chanserv/set.c in IRC Services before 5.0.60 preserves channel founder privileges across a channel password change (ChanServ SET PASSWORD), which allows remote authenticated users to obtain the new password through automated e-mail, or perform privileged actions without knowing the new password.
CVSS Score
5.0
EPSS Score
0.004
Published
2007-06-15
Unknown vulnerability in IRC Services NickServ LISTLINKS before 5.0.50 allows remote attackers to obtain the links of a nick.
CVSS Score
5.0
EPSS Score
0.003
Published
2005-05-02