Unrealircd : Security Vulnerabilities, CVEs, CVSS score >= 7

CVE-2023-50784

A buffer overflow in websockets in UnrealIRCd 6.1.0 through 6.1.3 before 6.1.4 allows an unauthenticated remote attacker to crash the server by sending an oversized packet (if a websocket port is open). Remote code execution might be possible on some uncommon, older platforms.
Max CVSS
7.5
EPSS Score
0.19%
Published
2023-12-16
Updated
2023-12-21

CVE-2016-7144

The m_authenticate function in modules/m_sasl.c in UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.
Max CVSS
8.1
EPSS Score
0.85%
Published
2017-01-18
Updated
2017-01-20

CVE-2010-2075

Public exploit
UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands.
Max CVSS
7.5
EPSS Score
64.95%
Published
2010-06-15
Updated
2010-06-18
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close