Vulnerabilities > CVE-2007-4404 - Remote vulnerability in Universal Ircd Ircu 2.10.12.01
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
ircu 2.10.12.01 allows remote attackers to (1) cause a denial of service (flood wallops) by joining two channels with certain long names that differ in the final character, which triggers a protocol violation and (2) cause a denial of service (daemon crash) via a "J 0:#channel" message on a channel without an apass; and (3) allows remote authenticated operators to cause a denial of service (daemon crash) via a remote "names -D" command.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://osvdb.org/46710
- http://osvdb.org/46711
- http://osvdb.org/46712
- http://securityreason.com/securityalert/3031
- http://www.securityfocus.com/archive/1/476285/100/0/threaded
- http://www.securityfocus.com/bid/25285
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35984
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35986
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35987