Atheme · Atheme · CVE-2012-1576
**Name of the Vulnerable Software and Affected Versions**
Atheme versions 5.x through 5.2.6
Atheme versions 6.x through 6.0.9
Atheme versions 7.x through 7.0.0-beta1
**Description**
The `myuser_delete` function in `libathemecore/account.c` does not properly clean up CertFP entries when a user is deleted. A remote attacker who logs in as a deleted user can therefore access a different user account or cause a denial of service (daemon crash).
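The cleanup pattern at issue, as an added illustration that is not Atheme's code: a simplified model where a fingerprint index holds pointers to accounts, and deletion must purge those entries before the account is freed. All names here (`account`, `cert_index`, `cert_add`, `cert_lookup`, `account_delete`, `demo`) and the fingerprint strings are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

#define MAX_CERTS 8

/* Hypothetical stand-ins for a services account and its fingerprint index. */
struct account { char name[32]; };
struct cert_entry { char fp[65]; struct account *owner; };
static struct cert_entry cert_index[MAX_CERTS]; /* owner == NULL: free slot */

struct account *account_create(const char *name) {
    struct account *a = calloc(1, sizeof *a);
    if (a) strncpy(a->name, name, sizeof a->name - 1);
    return a;
}

/* Register a certificate fingerprint for an account; -1 if the index is full. */
int cert_add(struct account *a, const char *fp) {
    for (int i = 0; i < MAX_CERTS; i++) {
        if (cert_index[i].owner == NULL) {
            strncpy(cert_index[i].fp, fp, sizeof cert_index[i].fp - 1);
            cert_index[i].fp[sizeof cert_index[i].fp - 1] = '\0';
            cert_index[i].owner = a;
            return 0;
        }
    }
    return -1;
}

/* Login path: resolve a presented fingerprint to its account, or NULL. */
struct account *cert_lookup(const char *fp) {
    for (int i = 0; i < MAX_CERTS; i++)
        if (cert_index[i].owner && strcmp(cert_index[i].fp, fp) == 0)
            return cert_index[i].owner;
    return NULL;
}

/* Delete that purges every index entry owned by the account before freeing it.
 * Without this loop the index keeps pointers to freed memory. */
void account_delete(struct account *a) {
    for (int i = 0; i < MAX_CERTS; i++)
        if (cert_index[i].owner == a)
            memset(&cert_index[i], 0, sizeof cert_index[i]);
    free(a);
}

/* Constructed scenario: returns 3 when the deleted account's fingerprints no
 * longer resolve (bit 0) and the surviving account's still does (bit 1). */
int demo(void) {
    struct account *alice = account_create("alice"), *bob = account_create("bob");
    if (!alice || !bob) return -1;
    cert_add(alice, "aa11"); cert_add(alice, "aa22"); cert_add(bob, "bb33");
    account_delete(alice);
    int gone = !cert_lookup("aa11") && !cert_lookup("aa22");
    int kept = cert_lookup("bb33") == bob;
    account_delete(bob);
    return gone | (kept << 1);
}
```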
**Recommendations**
For Atheme versions 5.x through 5.2.6, update to version 5.2.7 or later.
For Atheme versions 6.x through 6.0.9, update to version 6.0.10 or later.
For Atheme versions 7.x through 7.0.0-beta1, update to version 7.0.0-beta2 or later.