CVE-2023-50784

A buffer overflow in websockets in UnrealIRCd 6.1.0 through 6.1.3 before 6.1.4 allows an unauthenticated remote attacker to crash the server by sending an oversized packet (if a websocket port is open). Remote code execution might be possible on some uncommon, older platforms.
Configurations

Configuration 1 (hide)

cpe:2.3:a:unrealircd:unrealircd:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:37

Type Values Removed Values Added
References () https://forums.unrealircd.org/viewtopic.php?t=9340 - Release Notes, Vendor Advisory () https://forums.unrealircd.org/viewtopic.php?t=9340 - Release Notes, Vendor Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6TFYPQOKYRGPEAKOWSO6PSCBV6LUR3/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6TFYPQOKYRGPEAKOWSO6PSCBV6LUR3/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZT7QU4FCQBHYOYVD7FW5QAWNAQCSGLA/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZT7QU4FCQBHYOYVD7FW5QAWNAQCSGLA/ -
References () https://www.unrealircd.org/index/news - Product () https://www.unrealircd.org/index/news - Product

26 Dec 2023, 03:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZT7QU4FCQBHYOYVD7FW5QAWNAQCSGLA/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6TFYPQOKYRGPEAKOWSO6PSCBV6LUR3/ -

21 Dec 2023, 16:09

Type Values Removed Values Added
References () https://forums.unrealircd.org/viewtopic.php?t=9340 - () https://forums.unrealircd.org/viewtopic.php?t=9340 - Release Notes, Vendor Advisory
References () https://www.unrealircd.org/index/news - () https://www.unrealircd.org/index/news - Product
CPE cpe:2.3:a:unrealircd:unrealircd:*:*:*:*:*:*:*:*
CWE CWE-120
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

16 Dec 2023, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-16 23:15

Updated : 2024-11-21 08:37


NVD link : CVE-2023-50784

Mitre link : CVE-2023-50784

CVE.ORG link : CVE-2023-50784


JSON object : View

Products Affected

unrealircd

  • unrealircd
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')