VYPR
Unrated severityNVD Advisory· Published Aug 18, 2007· Updated Jun 16, 2026

CVE-2007-4408

CVE-2007-4408

Description

ircu 2.10.12.05 and earlier ignores timestamps in bounces, which allows remote attackers to take over a channel during a netjoin by causing a bounce while a server with an older version of the channel is linking.

Affected products

2
  • Ircu/Ircu2 versions
    cpe:2.3:a:universal_ircd:ircu:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:universal_ircd:ircu:*:*:*:*:*:*:*:*range: <=2.10.12.05
    • (no CPE)range: <=2.10.12.05

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.