CVE-2016-7144

The m_authenticate function in modules/m_sasl.c in UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:unrealircd:unrealircd:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:unrealircd:unrealircd:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:unrealircd:unrealircd:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:unrealircd:unrealircd:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:unrealircd:unrealircd:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:unrealircd:unrealircd:4.0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:unrealircd:unrealircd:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:unrealircd:unrealircd:4.0.3:*:*:*:*:*:*:*

Information

Published : 2017-01-18 09:59

Updated : 2017-01-20 07:12


NVD link : CVE-2016-7144

Mitre link : CVE-2016-7144


JSON object : View

CWE
CWE-287

Improper Authentication

Advertisement

dedicated server usa

Products Affected

unrealircd

  • unrealircd