Summary
ngIRCd is prone to multiple denial-of-service vulnerabilities when the server is running with SSL/TLS support.
Attackers can leverage these issues to crash the server and deny access to legitimate users.
ngIRCd 13 through ngIRCd 14 are vulnerable
these issues have been
fixed in ngIRCd 14.1.
Solution
Updates are available. Please see the references for details.
References
Severity
Classification
-
CVE CVE-2009-4652 -
CVSS Base Score: 2.6
AV:N/AC:H/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
- Wireshark IEEE 802.11 Dissector Denial of Service Vulnerability (Mac OS X)
- Firefox Browser designMode Null Pointer Dereference DoS Vulnerability - Linux
- OpenOffice senddoc Insecure Temporary File Creation Vulnerability (Win)
- Wireshark IEEE 802.11 Dissector Denial of Service Vulnerability (Windows)