Vulnerabilities > Unrealircd
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-16 | CVE-2023-50784 | Classic Buffer Overflow vulnerability in Unrealircd A buffer overflow in websockets in UnrealIRCd 6.1.0 through 6.1.3 before 6.1.4 allows an unauthenticated remote attacker to crash the server by sending an oversized packet (if a websocket port is open). | 7.5 |
| 2017-08-23 | CVE-2017-13649 | Improper Initialization vulnerability in Unrealircd UnrealIRCd 4.0.13 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command. | 2.1 |
| 2017-01-18 | CVE-2016-7144 | Improper Authentication vulnerability in Unrealircd The m_authenticate function in modules/m_sasl.c in UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter. | 6.8 |
| 2014-05-19 | CVE-2013-7384 | Unspecified vulnerability in Unrealircd 3.2.10/3.2.10.1 UnrealIRCd 3.2.10 before 3.2.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors, related to SSL. | 5.0 |
| 2014-05-19 | CVE-2013-6413 | Resource Management Errors vulnerability in Unrealircd 3.2.10/3.2.10.1 Use-after-free vulnerability in UnrealIRCd 3.2.10 before 3.2.10.2 allows remote attackers to cause a denial of service (crash) via unspecified vectors. | 5.0 |
| 2010-06-15 | CVE-2010-2075 | Improper Input Validation vulnerability in Unrealircd 3.2.8.1 UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands. | 7.5 |
| 2010-06-15 | CVE-2009-4893 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Unrealircd Buffer overflow in UnrealIRCd 3.2beta11 through 3.2.8, when allow::options::noident is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | 6.8 |