PT-2021-4282 · Inspircd · Inspircd

Sadiecat

Published

2021-05-26

Updated

2022-06-03

CVE-2021-33586

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions InspIRCd versions 3.8.0 through 3.9.x

Description The issue is related to a problem where any user able to connect to the server can access recently deallocated memory, also known as the "malformed PONG" issue. This is due to incorrect permission assignment for a critical resource, which can allow a remote attacker to gain access to confidential data.

Recommendations For InspIRCd versions 3.8.0 through 3.9.x, update to version 3.10.0 or later to resolve the issue.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

BDU:2021-04890

CVE-2021-33586

Affected Products

Inspircd

PT-2021-4282 · Inspircd · Inspircd

CVE-2021-33586

Weakness Enumeration

Related Identifiers

Affected Products

References · 12