MidnightBSD

Advisories for unreal

CVE-2002-1675 MEDIUM

Format string vulnerability in the Cio_PrintF function of cio_main.c in Unreal IRCd 3.1.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
unreal unrealircd 3.1.1
CVE-2004-0679 MEDIUM

The IP cloaking feature (cloak.c) in UnrealIRCd 3.2, and possibly other versions, uses a weak hashing scheme to hide IP addresses, which could allow remote attackers to use brute force methods to gain other user's IP addresses.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
unreal unrealircd 3.2
unreal unrealircd 3.1.1
unreal unrealircd 3.1.3
unreal unrealircd 3.2_.0_beta_10
CVE-2006-1214 MEDIUM

UnrealIRCd 3.2.3 allows remote attackers to cause an unspecified denial of service by causing a linked server to send malformed TKL Q:Line commands, as demonstrated by "TKL - q\x08Q *\x08PoC."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
unreal unrealircd 3.2.3