PT-2007-5587 · Undernet · Ircu

Published

2007-08-18

Updated

2018-10-15

CVE-2007-4406

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions ircu versions 2.10.12.01 through 2.10.12.04

Description The issue allows remote attackers to gain control of a channel during a split, due to the failure to remove ops privilege after a join from a server with an older timestamp.

Recommendations For versions 2.10.12.01 through 2.10.12.04, consider updating to a version that removes ops privilege correctly after a join from a server with an older timestamp to prevent remote attackers from gaining control of a channel.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-4406

Affected Products

Ircu

PT-2007-5587 · Undernet · Ircu

CVE-2007-4406

Related Identifiers

Affected Products

References · 5