VYPR
High severity8.1NVD Advisory· Published Jan 18, 2017· Updated Jun 17, 2026

CVE-2016-7144

CVE-2016-7144

Description

The m_authenticate function in modules/m_sasl.c in UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • cpe:2.3:a:unrealircd:unrealircd:*:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:unrealircd:unrealircd:*:*:*:*:*:*:*:*range: <=3.2.10.5
    • cpe:2.3:a:unrealircd:unrealircd:4.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:unrealircd:unrealircd:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:unrealircd:unrealircd:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:unrealircd:unrealircd:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:unrealircd:unrealircd:4.0.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:unrealircd:unrealircd:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:unrealircd:unrealircd:4.0.5:*:*:*:*:*:*:*
    • (no CPE)range: <3.2.10.7, <4.0.6

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.