MidnightBSD

Advisories for charybdis_project

CVE-2016-7143 MEDIUM

The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,

Products Affected

Vendor Product Version
charybdis_project charybdis *
debian debian_linux 8.0