PT-2019-6268 · Inspircd+4 · Inspircd+4

Sadiecat

Publicado

2019-08-19

Atualizado

2025-04-02

CVE-2019-20917

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions InspIRCd versions prior to 2.0.28 InspIRCd versions prior to 3.3.0

Description The issue is related to a NULL pointer dereference in the mysql module of InspIRCd when built against mariadb-connector-c 3.0.5 or newer. This can be exploited for remote crashing of an InspIRCd server by any user able to connect to it, particularly when combined with the sqlauth or sqloper modules. The vulnerability is associated with pointer dereference errors, which can allow a remote attacker to cause a denial of service.

Recommendations For InspIRCd versions prior to 2.0.28, update to version 2.0.28 or later. For InspIRCd versions prior to 3.3.0, update to version 3.3.0 or later.

Correção

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

ALT-PU-2020-3126

ALT-PU-2020-3171

ALT-PU-2024-11122

BDU:2022-06171

CVE-2019-20917

DLA-2375-1

DSA-4764-1

USN-7405-1

Produtos afetados

Alt Linux

Inspircd

Linuxmint

Ubuntu

Mariadb Connector/C

PT-2019-6268 · Inspircd+4 · Inspircd+4

CVE-2019-20917

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 19