PT-2021-18190 · Ircii · Ircii

Michael Ortmann

Published

2021-03-30

Updated

2021-09-21

CVE-2021-29376

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: ircII versions prior to 20210314

Description: The issue allows remote attackers to cause a denial of service, resulting in a segmentation fault and client crash. This can disconnect the victim from an IRC server via a crafted CTCP UTC message.

Recommendations: For versions prior to 20210314, update to a version 20210314 or later to resolve the issue. As a temporary workaround, consider restricting the handling of CTCP UTC messages to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-29376

DLA-2746-1

DLA-2747-1

Affected Products

Ircii

PT-2021-18190 · Ircii · Ircii

CVE-2021-29376

Related Identifiers

Affected Products

References · 22