header-logo
Suggest Exploit
vendor:
Hybrid IRCd
by:
SecurityFocus
7.5
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: Hybrid IRCd
Affected Version From: beta 58
Affected Version To: beta 58
Patch Exists: YES
Related CWE: N/A
CPE: a:hybrid_ircd:hybrid_ircd:6
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Ircd hybrid-6 Vulnerability

Ircd hybrid-6 (up to beta 58) has a vulnerability which can allow remote access to the irc server (ircd). In most cases this attack results in the attacker gaining the privileges of the user 'irc'. This vulnerability is in the invite handling code (m_invite). In a channel with operators (ops) and modes +pi (paranoid + invite-only), a channel invitation is reported to all other operators. The buffer used to store the invitation notice can be overflown by up to 15 bytes.

Mitigation:

Apply the latest patch from the vendor and ensure that all systems are running the latest version of the software.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/581/info

Ircd hybrid-6 (up to beta 58) has a vulnerability which can allow remote access to the irc server (ircd). In most cases this attack results in the attacker gaining the privileges of the user 'irc'.

This vulnerability is in the invite handling code (m_invite). In a channel with operators (ops) and modes +pi (paranoid + invite-only), a channel invitation is reported to all other operators. The buffer used to store the invitation notice can be overflown by up to 15 bytes. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19459.tgz

Navigation

Suggest Exploit

Services By CQR