channel.c in ngIRCd 20 and 20.1 allows remote attackers to cause a denial of service (assertion failure and crash) via a KICK command for a user who is not on the associated channel.
Max CVSS
5.0
EPSS Score
3.26%
Published
2013-03-28
Updated
2013-12-01
The (1) Conn_GetCipherInfo and (2) Conn_UsesSSL functions in src/ngircd/conn.c in ngIRCd 13 and 14, when SSL/TLS support is present and standalone mode is disabled, allow remote attackers to cause a denial of service (application crash) by sending the MOTD command from another server in the same IRC network, possibly related to an array index error.
Max CVSS
2.6
EPSS Score
6.37%
Published
2010-02-26
Updated
2017-08-17
ngIRCd 0.10.x before 0.10.4 and 0.11.0 before 0.11.0-pre2 allows remote attackers to cause a denial of service (crash) via crafted IRC PART message, which triggers an invalid dereference.
Max CVSS
5.0
EPSS Score
4.12%
Published
2008-01-16
Updated
2008-09-05
irc-channel.c in ngIRCd before 0.10.3 allows remote attackers to cause a denial of service (crash) via a JOIN command without a channel argument.
Max CVSS
5.0
EPSS Score
3.17%
Published
2007-11-20
Updated
2013-08-07
Format string vulnerability in the Log_Resolver function in log.c for ngIRCd 0.8.2 and earlier, when compiled with IDENT, logging to SYSLOG, and with DEBUG enabled, allows remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
6.99%
Published
2005-02-03
Updated
2016-10-18
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!