Ircd-Ratbox: >> Ircd-Ratbox >> 1.2.3 Security Vulnerabilities
modules/m_capab.c in (1) ircd-ratbox before 3.0.8 and (2) Charybdis before 3.4.2 does not properly support capability negotiation during server handshakes, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed request.
CVSS Score
5.0
EPSS Score
0.006
Published
2013-01-01
Integer underflow in the clean_string function in irc_string.c in (1) IRCD-hybrid 7.2.2 and 7.2.3, (2) ircd-ratbox before 2.2.9, and (3) oftc-hybrid before 1.6.8, when flatten_links is disabled, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a LINKS command.
CVSS Score
6.8
EPSS Score
0.04
Published
2010-02-04
cache.c in ircd-ratbox before 2.2.9 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a HELP command.
CVSS Score
5.0
EPSS Score
0.009
Published
2010-02-04