An issue exists in InspIRCd 2 prior to 2.0.28 and 3 prior to 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
inspircd inspircd |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |