PT-2023-31650 · Unknown · Unrealircd
Published
2023-12-16
·
Updated
2023-12-26
·
CVE-2023-50784
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
UnrealIRCd versions 6.1.0 through 6.1.3
Description
A buffer overflow in websockets allows an unauthenticated remote attacker to crash the server by sending an oversized packet, if a websocket port is open. Remote code execution might be possible on some uncommon, older platforms.
Recommendations
For UnrealIRCd versions 6.1.0 through 6.1.3, update to version 6.1.4 or later to resolve the issue. As a temporary workaround, consider disabling the websocket port to minimize the risk of exploitation.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Unrealircd