The (1) Conn_StartLogin and (2) cb_Read_Resolver_Result functions in conn.c in ngIRCd 18 up to and including 20.2, when the configuration option NoticeAuth is enabled, does not properly handle the return code for the Handle_Write function, which allows remote malicious users to cause a denial of service (assertion failure and server crash) via unspecified vectors, related to a "notice auth" message not being sent to a new client.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
barton ngircd 19.0 |
||
barton ngircd 20.1 |
||
barton ngircd 20.0 |
||
barton ngircd 20.2 |
||
barton ngircd 18.0 |
||
barton ngircd 19.1 |