The m_authenticate function in ircd/m_authenticate.c in nefarious2 allows remote malicious users to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nefarious2 project nefarious2 2.0 |