Vulnerabilities > CVE-2007-4407 - Remote vulnerability in Universal Ircd Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
PARTIAL Summary
ircu 2.10.12.03 and 2.10.12.04 does not associate a timestamp with ops privilege on an unused channel (zannel), which allows remote attackers to (1) set or remove certain channel modes via a "netriding" attack or (2) take over a channel by joining an unlinked server with the A/Upass and then setting a new Apass.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |