High severity8.1NVD Advisory· Published Jan 18, 2017· Updated Jun 17, 2026
CVE-2016-7144
CVE-2016-7144
Description
The m_authenticate function in modules/m_sasl.c in UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:unrealircd:unrealircd:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:unrealircd:unrealircd:*:*:*:*:*:*:*:*range: <=3.2.10.5
- cpe:2.3:a:unrealircd:unrealircd:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:unrealircd:unrealircd:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:unrealircd:unrealircd:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:unrealircd:unrealircd:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:unrealircd:unrealircd:4.0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:unrealircd:unrealircd:4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:unrealircd:unrealircd:4.0.5:*:*:*:*:*:*:*
- (no CPE)range: <3.2.10.7, <4.0.6
Patches
Vulnerability mechanics
References
5- github.com/unrealircd/unrealircd/commit/f473e355e1dc422c4f019dbf86bc50ba1a34a766nvdPatch
- www.openwall.com/lists/oss-security/2016/09/04/3nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2016/09/05/8nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/92763nvdThird Party AdvisoryVDB Entry
- forums.unrealircd.org/viewtopic.phpnvdVendor Advisory
News mentions
0No linked articles in our index yet.