Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4408

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-4408
Last Modified 15 Nov 2008 01:56:54
Published 18 Aug 2007 05:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4408

Summary

ircu 2.10.12.05 and earlier ignores timestamps in bounces, which allows remote attackers to take over a channel during a netjoin by causing a bounce while a server with an older version of the channel is linking.

Vulnerable Systems

Application

  • Universal Ircd Ircu 2.10.12.05


References

XF - ircu-timestamp-security-bypass(35994)

BID - 25285

BUGTRAQ - 20070812 Multiple vulnerabilities in ircu

OSVDB - 46715

SREASON - 3031


Last Updated: 27 May 2016 10:45:50