A buffer overflow in websockets in UnrealIRCd 6.1.0 through 6.1.3 before 6.1.4 allows an unauthenticated remote attacker to crash the server by sending an oversized packet (if a websocket port is open). Remote code execution might be possible on some uncommon, older platforms.
References
Configurations
History
21 Nov 2024, 08:37
Type | Values Removed | Values Added |
---|---|---|
References | () https://forums.unrealircd.org/viewtopic.php?t=9340 - Release Notes, Vendor Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6TFYPQOKYRGPEAKOWSO6PSCBV6LUR3/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZT7QU4FCQBHYOYVD7FW5QAWNAQCSGLA/ - | |
References | () https://www.unrealircd.org/index/news - Product |
26 Dec 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
21 Dec 2023, 16:09
Type | Values Removed | Values Added |
---|---|---|
References | () https://forums.unrealircd.org/viewtopic.php?t=9340 - Release Notes, Vendor Advisory | |
References | () https://www.unrealircd.org/index/news - Product | |
CPE | cpe:2.3:a:unrealircd:unrealircd:*:*:*:*:*:*:*:* | |
CWE | CWE-120 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
16 Dec 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-16 23:15
Updated : 2024-11-21 08:37
NVD link : CVE-2023-50784
Mitre link : CVE-2023-50784
CVE.ORG link : CVE-2023-50784
JSON object : View
Products Affected
unrealircd
- unrealircd
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')