The m_sasl module in InspIRCd prior to 2.0.23, when used with a service that supports SASL_EXTERNAL authentication, allows remote malicious users to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
inspircd inspircd |
||
debian debian linux 8.0 |