MidnightBSD

Advisories for nefarious2_project

CVE-2016-7145 HIGH

The m_authenticate function in ircd/m_authenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
nefarious2_project nefarious2 2.0