PT-2007-2733 · Silc · Silc Server

Published: 2007-03-07 · Updated: 2017-07-29 · CVE-2007-1327

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

silc-server version 1.0.2

Description

The issue allows remote attackers to cause a denial of service: the daemon crashes due to a NULL dereference. This occurs when a request is made without a cipher algorithm and with an invalid HMAC algorithm, specifically targeting the SILC_SERVER_CMD_FUNC function in silcd/command.c.

Recommendations

For silc-server version 1.0.2, as a temporary workaround, consider disabling the SILC_SERVER_CMD_FUNC function until a patch is available. Restrict access to the silcd/command.c application to minimize the risk of exploitation. Avoid processing requests without a cipher algorithm and with an invalid HMAC algorithm in the affected function.

Exploit

Fix

Weakness Enumeration

NULL Pointer Dereference

Related Identifiers

CVE-2007-1327

Affected Products

Silc Server