Published: 18/08/2007 Updated: 15/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

ircu 2.10.12.05 and previous versions ignores timestamps in bounces, which allows remote malicious users to take over a channel during a netjoin by causing a bounce while a server with an older version of the channel is linking.

Vulnerable Product	Search on Vulmon	Subscribe to Product
universal ircd ircu

Debian Bug report logs - #439314 Several security issues in ircu [CVE-2007-440411] Package: ircd-ircu; Maintainer for ircd-ircu is Martin Gerhard Loschwitz <madkiss@debianorg>; Source for ircd-ircu is src:ircd-ircu (PTS, buildd, popcon) Reported by: Thijs Kinkhorst <thijs@debianorg> Date: Fri, 24 Aug 2007 07:36:0 ...

NVD-CWE-Other http://www.securityfocus.com/bid/25285 http://securityreason.com/securityalert/3031 http://osvdb.org/46715 https://exchange.xforce.ibmcloud.com/vulnerabilities/35994 http://www.securityfocus.com/archive/1/476285/100/0/threaded https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439314 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-4408

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect