Wouter Coekaerts

**Name of the Vulnerable Software and Affected Versions** Spring Framework versions 3.0.0 through 3.0.5 Spring Security versions 2.0.0 through 2.0.6 Spring Security versions 3.0.0 through 3.0.5 **Description** The issue allows remote attackers to bypass intended security restrictions and execute untrusted code by deserializing objects from untrusted sources. This can be achieved by serializing a `java.lang.Proxy` instance and using `InvocationHandler`, or by accessing internal AOP interfaces. An example of exploitation is the deserialization of a `DefaultListableBeanFactory` instance to execute arbitrary commands via the `java.lang.Runtime` class. **Recommendations** For Spring Framework versions 3.0.0 through 3.0.5, consider disabling the deserialization of objects from untrusted sources until a patch is available. For Spring Security versions 2.0.0 through 2.0.6, restrict access to internal AOP interfaces to minimize the risk of exploitation. For Spring Security versions 3.0.0 through 3.0.5, avoid using the `InvocationHandler` to handle serialized `java.lang.Proxy` instances until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Prosody versions prior to 0.8.1 **Description** The issue allows remote attackers to cause a denial of service due to memory and CPU consumption. This is achieved through a crafted XML document containing a large number of nested entity references. **Recommendations** For versions prior to 0.8.1, update to version 0.8.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** DJabberd versions prior to 0.85 **Description** The issue allows remote authenticated users to read arbitrary files and possibly send HTTP requests to intranet servers or cause a denial of service due to CPU and memory consumption. This is achieved via an XML external entity declaration in conjunction with an entity reference. **Recommendations** For versions prior to 0.85, update to version 0.85 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** jabberd14 versions 1.6.1.1 and earlier **Description** The issue allows remote attackers to cause a denial of service due to memory and CPU consumption. This is achieved through a crafted XML document containing a large number of nested entity references, which the software does not properly detect during recursion. **Recommendations** For jabberd14 versions 1.6.1.1 and earlier, consider restricting the size and complexity of incoming XML documents to prevent excessive resource consumption until a proper fix is applied. As a temporary workaround, limiting the number of nested entity references in XML documents may help mitigate the risk of denial of service attacks.

**Name of the Vulnerable Software and Affected Versions** DJabberd versions 0.84 and earlier **Description** The issue allows remote attackers to cause a denial of service due to memory and CPU consumption. This is achieved through a crafted XML document containing a large number of nested entity references. **Recommendations** For DJabberd versions 0.84 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ircu versions 2.10.12.05 and earlier **Description** The issue arises from improper synchronization of a kick action in certain cross scenarios, allowing remote authenticated operators to prevent later kick or de-op actions from non-local ops. **Recommendations** For versions 2.10.12.05 and earlier, consider restricting access to operator privileges to minimize the risk of exploitation until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Konversation (affected versions not specified) **Description** The issue is related to a CRLF injection vulnerability in the included media script. This allows user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ircu versions 2.10.12.03 through 2.10.12.04 **Description** The issue allows remote attackers to set or remove certain channel modes via a "netriding" attack or take over a channel by joining an unlinked server with the A/Upass and then setting a new Apass, due to the lack of a timestamp association with ops privilege on an unused channel. **Recommendations** For versions 2.10.12.03 and 2.10.12.04, consider restricting access to unused channels to prevent exploitation until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Konversation version 0.15 **Description** The issue allows remote attackers to execute certain IRC commands via a channel name containing `%` variables. These variables are recursively expanded by the `Server::parseWildcards` function when the Part Button is selected. **Recommendations** For Konversation version 0.15, consider disabling the Quick Buttons feature or restricting the use of the `%` variables in channel names until a patch is available. Avoid using the Part Button with channel names containing `%` variables to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Konversation version 0.15 **Description** The issue in Konversation inadvertently uses the user-provided password as the nickname when connecting to the IRC server, potentially leaking the password to other users. **Recommendations** For Konversation version 0.15, consider avoiding the use of the Quick Connection dialog until a fix is available, and instead, use an alternative method to connect to the IRC server that does not expose the password.

**Name of the Vulnerable Software and Affected Versions** Konversation version 0.15 **Description** The issue allows remote attackers to execute arbitrary commands via shell metacharacters in channel names or song names that are not properly quoted when the user runs IRC scripts. **Recommendations** For Konversation version 0.15, consider disabling the execution of IRC scripts until a patch is available to prevent the exploitation of this issue. Restrict access to channel names and song names to minimize the risk of arbitrary command execution.