Vulnerabilities > Universal Ircd > Ircu > 2.10.12.04
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-08-18 | CVE-2007-4409 | Remote vulnerability in Universal Ircd Server Race condition in ircu 2.10.12.01 through 2.10.12.05 allows remote attackers to set a new Apass during a netburst by arranging for ops privilege to be granted before the mode arrives. | 5.1 |
2007-08-18 | CVE-2007-4407 | Remote vulnerability in Universal Ircd Server ircu 2.10.12.03 and 2.10.12.04 does not associate a timestamp with ops privilege on an unused channel (zannel), which allows remote attackers to (1) set or remove certain channel modes via a "netriding" attack or (2) take over a channel by joining an unlinked server with the A/Upass and then setting a new Apass. | 6.4 |
2007-08-18 | CVE-2007-4406 | Remote vulnerability in Universal Ircd Server ircu 2.10.12.01 through 2.10.12.04 does not remove ops privilege after a join from a server with an older timestamp (TS), which allows remote attackers to gain control of a channel during a split. | 7.5 |
2007-08-18 | CVE-2007-4405 | Remote vulnerability in Universal Ircd Server ircu 2.10.12.02 through 2.10.12.04 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by creating a large number of unused channels (zannels). | 7.8 |