header-logo
Suggest Exploit
vendor:
Ircd hybrid-6
by:
SecurityFocus
7,5
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: Ircd hybrid-6
Affected Version From: beta 58
Affected Version To: beta 58
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Ircd hybrid-6 (up to beta 58) Remote Access Vulnerability

Ircd hybrid-6 (up to beta 58) has a vulnerability which can allow remote access to the irc server (ircd). In most cases this attack results in the attacker gaining the privileges of the user 'irc'. This vulnerability is in the invite handling code (m_invite). In a channel with operators (ops) and modes +pi (paranoid + invite-only), a channel invitation is reported to all other operators. The buffer used to store the invitation notice can be overflown by up to 15 bytes.

Mitigation:

Upgrade to the latest version of Ircd hybrid-6.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/581/info

Ircd hybrid-6 (up to beta 58) has a vulnerability which can allow remote access to the irc server (ircd). In most cases this attack results in the attacker gaining the privileges of the user 'irc'.

This vulnerability is in the invite handling code (m_invite). In a channel with operators (ops) and modes +pi (paranoid + invite-only), a channel invitation is reported to all other operators. The buffer used to store the invitation notice can be overflown by up to 15 bytes. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19459.tgz

Navigation

Suggest Exploit

Services By CQR