Описание
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- ExploitMailing ListThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- ExploitMailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 7.2.0 (включая) до 7.2.12 (исключая)
cpe:2.3:a:atheme:atheme:*:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00144
Низкий
9.1 Critical
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 9.1
ubuntu
почти 4 года назад
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence.
CVSS3: 9.1
debian
почти 4 года назад
Atheme IRC Services before 7.2.12, when used in conjunction with InspI ...
github
почти 4 года назад
Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence.
EPSS
Процентиль: 35%
0.00144
Низкий
9.1 Critical
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-287