The m_authenticate function in modules/m_sasl.c in UnrealIRCd prior to 3.2.10.7 and 4.x prior to 4.0.6 allows remote malicious users to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
unrealircd unrealircd |
||
unrealircd unrealircd 4.0.4 |
||
unrealircd unrealircd 4.0.0 |
||
unrealircd unrealircd 4.0.5 |
||
unrealircd unrealircd 4.0.2 |
||
unrealircd unrealircd 4.0.3.1 |
||
unrealircd unrealircd 4.0.1 |
||
unrealircd unrealircd 4.0.3 |