PT-2008-3065 · Snircd+1 · Snircd+1

Chris Porter

Published

2008-03-25

Updated

2018-10-11

CVE-2008-1501

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Undernet ircu versions 2.10.12.12 and earlier snircd versions 1.3.4 and earlier

Description The issue allows remote attackers to cause a denial of service, resulting in a daemon crash, by sending a malformed MODE command. This is due to a problem in the send user mode function.

Recommendations For Undernet ircu versions 2.10.12.12 and earlier, consider disabling the send user mode function until a patch is available. For snircd versions 1.3.4 and earlier, restrict access to the MODE command to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2008-1501

Affected Products

Undernet Ircu

Snircd

PT-2008-3065 · Snircd+1 · Snircd+1

CVE-2008-1501

Related Identifiers

Affected Products

References · 16