Back to search
CVE-2013-5580
Published: Oct 1, 2013
Modified: Sep 16, 2024
PUBLISHED
Description
The (1) Conn_StartLogin and (2) cb_Read_Resolver_Result functions in conn.c in ngIRCd 18 through 20.2, when the configuration option NoticeAuth is enabled, does not properly handle the return code for the Handle_Write function, which allows remote attackers to cause a denial of service (assertion failure and server crash) via unspecified vectors, related to a "notice auth" message not being sent to a new client.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[ngircd-ml] 20130823 ngIRCd 20.3
mailing-list
x_refsource_MLIST
96590
vdb-entry
x_refsource_OSVDB
http://freecode.com/projects/ngircd/releases/357245
x_refsource_CONFIRM
54567
third-party-advisory
x_refsource_SECUNIA
FEDORA-2013-15290
vendor-advisory
x_refsource_FEDORA
FEDORA-2013-15278
vendor-advisory
x_refsource_FEDORA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now