Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence.
CVSS Score
9.1
EPSS Score
0.001
Published
2022-02-14
Memory leak in the login_user function in saslserv/main.c in saslserv/main.so in Atheme 7.2.7 allows a remote unauthenticated attacker to consume memory and cause a denial of service. This is fixed in 7.2.8.
CVSS Score
7.5
EPSS Score
0.013
Published
2017-03-02