Lucene search

Veracode Vulnerability DatabaseVERACODE:26224

HistoryAug 06, 2020 - 9:37 p.m.

Denial Of Service (DoS)

2020-08-0621:37:03

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

ngircd

server-server protocol

denial of service

EPSS

0.005

Percentile

76.3%

JSON

The Server-Server protocol implementation in ngIRCd is vulnerable to denial of service. An out-of-bounds access, as demonstrated by the IRC_NJOIN() function allows an attacker to crash the application.

References

github.com/ngircd/ngircd/issues/274

github.com/ngircd/ngircd/issues/277

github.com/ngircd/ngircd/pull/275

github.com/ngircd/ngircd/pull/276

github.com/ngircd/ngircd/releases/tag/rel-26-rc2

lists.debian.org/debian-lts-announce/2020/06/msg00023.html

lists.fedoraproject.org/archives/list/[email protected]/message/BJOYV5GHUFJMUVQW3TJKXZ7JPXL4W3ER/

lists.fedoraproject.org/archives/list/[email protected]/message/JZRYFJIA6ZKOH7U4K5WH5OL7OKXE4N52/

EPSS

0.005

Percentile

76.3%

JSON

Related for VERACODE:26224