Universal Ircd : Security Vulnerabilities, CVEs, (Denial of service)
ircu 2.10.12.01 allows remote attackers to (1) cause a denial of service (flood wallops) by joining two channels with certain long names that differ in the final character, which triggers a protocol violation and (2) cause a denial of service (daemon crash) via a "J 0:#channel" message on a channel without an apass; and (3) allows remote authenticated operators to cause a denial of service (daemon crash) via a remote "names -D" command.
Max CVSS
7.8
EPSS Score
4.08%
Published
2007-08-18
Updated
2018-10-15
ircu 2.10.12.02 through 2.10.12.04 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by creating a large number of unused channels (zannels).
Max CVSS
7.8
EPSS Score
1.61%
Published
2007-08-18
Updated
2018-10-15
2 vulnerabilities found