Micah Anderson

**Name of the Vulnerable Software and Affected Versions** Sympa versions prior to 6.1.11 **Description** The issue concerns the archive management page in Sympa, where a lack of permission checks allows remote attackers to perform unauthorized actions on list archives. This can be achieved through vectors related to the `do arc manage`, `do arc download`, or `do arc delete` functions. **Recommendations** For versions prior to 6.1.11, update to version 6.1.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the archive management page to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** InspIRCd versions prior to 1.1.18 **Description** A buffer overflow issue allows remote attackers to cause a denial of service, resulting in a daemon crash. This occurs when a large number of channel users have crafted nicknames, idents, and long hostnames, specifically when the namesx and uhnames modules are in use. **Recommendations** For versions prior to 1.1.18, update to version 1.1.18 or later to resolve the issue. As a temporary workaround, consider disabling the namesx and uhnames modules until a patch is available. Restrict access to channels with a large number of users to minimize the risk of exploitation.