CVE-2007-4404

{"id": "CVE-2007-4404", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-08-18T21:17:00.000", "references": [{"url": "http://osvdb.org/46710", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/46711", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/46712", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/3031", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/476285/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/25285", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35984", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35986", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35987", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "ircu 2.10.12.01 allows remote attackers to (1) cause a denial of service (flood wallops) by joining two channels with certain long names that differ in the final character, which triggers a protocol violation and (2) cause a denial of service (daemon crash) via a \"J 0:#channel\" message on a channel without an apass; and (3) allows remote authenticated operators to cause a denial of service (daemon crash) via a remote \"names -D\" command."}, {"lang": "es", "value": "ircu 2.10.12.01 permite a atacantes remotos (1) provocar denegaci\u00f3n de servicio (desbordamiento directo) a trav\u00e9s de la entrada de dos canales con ciertos nombres largos que difieren en el car\u00e1cter final, lo cual dispara una violaci\u00f3n del protocolo y(2) provocan una denegaci\u00f3n de servicio (caida de demonio) a trav\u00e9s de un mensaje \"J 0:#channel\" sobre el canal sin una contrase\u00f1a; y (3) permite a operadores remotos validados provocar denegaci\u00f3n de servicio (caida de demonio) a trav\u00e9s de un comando remoto \"names -D\"."}], "lastModified": "2018-10-15T21:35:09.997", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:universal_ircd:ircu:2.10.12.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E155257-13BC-4EE2-A67D-50DA7D8781C1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}