MidnightBSD

Advisories for ircd-ratbox

CVE-2004-0605 MEDIUM

Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ircd-ratbox 1.5.1 and earlier, or (3) ircd-ratbox 2.0rc6 and earlier do not have a rate-limit imposed, which could allow remote attackers to cause a denial of service by repeatedly making requests, which are slowly dequeued.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-16,

Products Affected

Vendor Product Version
ircd-ratbox ircd-ratbox *
ircd-hybrid ircd-hybrid *
CVE-2009-4016 MEDIUM

Integer underflow in the clean_string function in irc_string.c in (1) IRCD-hybrid 7.2.2 and 7.2.3, (2) ircd-ratbox before 2.2.9, and (3) oftc-hybrid before 1.6.8, when flatten_links is disabled, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a LINKS command.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
oftc oftc-hybrid 1.5.4
ircd-ratbox ircd-ratbox 2.1.1
ircd-ratbox ircd-ratbox 2.1.6
ircd-ratbox ircd-ratbox 1.1
ircd-ratbox ircd-ratbox 2.1.2
ircd-ratbox ircd-ratbox 2.2.6
ircd-ratbox ircd-ratbox 2.2.5
ircd-ratbox ircd-ratbox 2.0.0
ircd-ratbox ircd-ratbox 1.3.2
ircd-hybrid ircd-hybrid 7.2.3
ircd-ratbox ircd-ratbox 2.2.3
ircd-ratbox ircd-ratbox 2.0.3
ircd-ratbox ircd-ratbox 1.5.3
ircd-ratbox ircd-ratbox 1.0
ircd-ratbox ircd-ratbox 2.2.2
oftc oftc-hybrid 1.5.7
ircd-ratbox ircd-ratbox 1.5.1
oftc oftc-hybrid 1.6.4
ircd-ratbox ircd-ratbox 2.0.10
ircd-ratbox ircd-ratbox 2.0.1
ircd-ratbox ircd-ratbox 2.1.4
ircd-ratbox ircd-ratbox 2.0.7
ircd-ratbox ircd-ratbox 2.0.2
ircd-ratbox ircd-ratbox 1.1.2
ircd-ratbox ircd-ratbox 2.1.7
ircd-ratbox ircd-ratbox 1.3.1
ircd-ratbox ircd-ratbox 2.1.3
oftc oftc-hybrid 1.4.1
ircd-ratbox ircd-ratbox 2.0.11
ircd-ratbox ircd-ratbox 2.1.8
oftc oftc-hybrid 1.5.1
ircd-hybrid ircd-hybrid 7.2.2
ircd-ratbox ircd-ratbox 1.5
ircd-ratbox ircd-ratbox 1.4.2
ircd-ratbox ircd-ratbox 1.5.2
ircd-ratbox ircd-ratbox 1.2.3
ircd-ratbox ircd-ratbox 2.2.7
ircd-ratbox ircd-ratbox 2.0.5
ircd-ratbox ircd-ratbox 2.1.5
ircd-ratbox ircd-ratbox 1.4.1
ircd-ratbox ircd-ratbox 1.1.1
ircd-ratbox ircd-ratbox 1.2.2
ircd-ratbox ircd-ratbox *
oftc oftc-hybrid 1.6.3
ircd-ratbox ircd-ratbox 2.2.0
oftc oftc-hybrid *
oftc oftc-hybrid 1.6.1
ircd-ratbox ircd-ratbox 1.2.1
oftc oftc-hybrid 1.5.0
oftc oftc-hybrid 1.6.2
oftc oftc-hybrid 1.4.0
oftc oftc-hybrid 1.6.0
ircd-ratbox ircd-ratbox 2.0.4
ircd-ratbox ircd-ratbox 2.0.9
oftc oftc-hybrid 1.5.2
ircd-ratbox ircd-ratbox 1.4
oftc oftc-hybrid 1.5.3
oftc oftc-hybrid 1.5.6
oftc oftc-hybrid 1.5.5
oftc oftc-hybrid 1.6.6
ircd-ratbox ircd-ratbox 2.0.6
ircd-ratbox ircd-ratbox 2.0.8
ircd-ratbox ircd-ratbox 2.2.4
ircd-ratbox ircd-ratbox 1.3
oftc oftc-hybrid 1.6.5
ircd-ratbox ircd-ratbox 2.1.0
ircd-ratbox ircd-ratbox 2.2.1
CVE-2010-0300 MEDIUM

cache.c in ircd-ratbox before 2.2.9 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a HELP command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ircd-ratbox ircd-ratbox 2.1.1
ircd-ratbox ircd-ratbox 2.1.6
ircd-ratbox ircd-ratbox 1.1
ircd-ratbox ircd-ratbox 2.1.2
ircd-ratbox ircd-ratbox 2.2.6
ircd-ratbox ircd-ratbox 2.2.5
ircd-ratbox ircd-ratbox 2.0.0
ircd-ratbox ircd-ratbox 1.3.2
ircd-ratbox ircd-ratbox 2.2.3
ircd-ratbox ircd-ratbox 2.0.3
ircd-ratbox ircd-ratbox 1.5.3
ircd-ratbox ircd-ratbox 1.0
ircd-ratbox ircd-ratbox 2.2.2
ircd-ratbox ircd-ratbox 1.5.1
ircd-ratbox ircd-ratbox 2.0.10
ircd-ratbox ircd-ratbox 2.0.1
ircd-ratbox ircd-ratbox 2.1.4
ircd-ratbox ircd-ratbox 2.0.7
ircd-ratbox ircd-ratbox 2.0.2
ircd-ratbox ircd-ratbox 2.2.7.1
ircd-ratbox ircd-ratbox 1.1.2
ircd-ratbox ircd-ratbox 2.1.7
ircd-ratbox ircd-ratbox 1.3.1
ircd-ratbox ircd-ratbox 2.1.3
ircd-ratbox ircd-ratbox 2.0.11
ircd-ratbox ircd-ratbox 2.1.8
ircd-ratbox ircd-ratbox 1.5
ircd-ratbox ircd-ratbox 1.4.2
ircd-ratbox ircd-ratbox 1.5.2
ircd-ratbox ircd-ratbox 1.2.3
ircd-ratbox ircd-ratbox 2.2.7
ircd-ratbox ircd-ratbox 2.0.5
ircd-ratbox ircd-ratbox 2.1.5
ircd-ratbox ircd-ratbox 1.4.1
ircd-ratbox ircd-ratbox 1.1.1
ircd-ratbox ircd-ratbox 1.2.2
ircd-ratbox ircd-ratbox *
ircd-ratbox ircd-ratbox 2.2.0
ircd-ratbox ircd-ratbox 1.2.1
ircd-ratbox ircd-ratbox 2.0.4
ircd-ratbox ircd-ratbox 2.0.9
ircd-ratbox ircd-ratbox 1.4
ircd-ratbox ircd-ratbox 2.0.6
ircd-ratbox ircd-ratbox 2.0.8
ircd-ratbox ircd-ratbox 2.2.4
ircd-ratbox ircd-ratbox 1.3
ircd-ratbox ircd-ratbox 2.1.0
ircd-ratbox ircd-ratbox 2.2.1
CVE-2012-6084 MEDIUM

modules/m_capab.c in (1) ircd-ratbox before 3.0.8 and (2) Charybdis before 3.4.2 does not properly support capability negotiation during server handshakes, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ircd-ratbox ircd-ratbox 2.0.11
ircd-ratbox ircd-ratbox 2.1.8
ircd-ratbox ircd-ratbox 2.1.1
ircd-ratbox ircd-ratbox 2.1.6
ircd-ratbox ircd-ratbox 1.5
ircd-ratbox ircd-ratbox 1.5.2
ircd-ratbox ircd-ratbox 1.2.3
ircd-ratbox ircd-ratbox 2.1.2
ircd-ratbox ircd-ratbox 2.2.6
ircd-ratbox ircd-ratbox 2.2.7
ircd-ratbox ircd-ratbox 2.2.5
ircd-ratbox ircd-ratbox 2.0.5
ircd-ratbox ircd-ratbox 1.3.2
ircd-ratbox ircd-ratbox 2.1.5
ircd-ratbox ircd-ratbox 2.2.3
ircd-ratbox ircd-ratbox 1.1.1
ircd-ratbox ircd-ratbox 1.2.2
ircd-ratbox ircd-ratbox 2.0.3
ircd-ratbox ircd-ratbox 1.5.3
ircd-ratbox ircd-ratbox 2.2.0
ircd-ratbox ircd-ratbox 1.0
ircd-ratbox ircd-ratbox 2.2.2
ircd-ratbox ircd-ratbox 1.5.1
ircd-ratbox ircd-ratbox 1.2.1
ratbox ircd-ratbox *
ircd-ratbox ircd-ratbox 2.0.10
ircd-ratbox ircd-ratbox 2.0.1
ircd-ratbox ircd-ratbox 2.0.4
ircd-ratbox ircd-ratbox 2.0.9
ircd-ratbox ircd-ratbox 2.1.4
ircd-ratbox ircd-ratbox 2.0.7
ircd-ratbox ircd-ratbox 1.4
ircd-ratbox ircd-ratbox 2.2.8
ircd-ratbox ircd-ratbox 2.0.2
ircd-ratbox ircd-ratbox 2.2.7.1
ircd-ratbox ircd-ratbox 2.0.6
ircd-ratbox ircd-ratbox 2.0.8
ircd-ratbox ircd-ratbox 1.1.2
ircd-ratbox ircd-ratbox 2.2.4
ircd-ratbox ircd-ratbox 1.3
ircd-ratbox ircd-ratbox 2.1.7
ircd-ratbox ircd-ratbox 1.3.1
ircd-ratbox ircd-ratbox 2.1.0
ircd-ratbox ircd-ratbox 2.1.3
ircd-ratbox ircd-ratbox 2.2.1
ircd-ratbox ircd-ratbox 2.2.9