VYPR

rpm package

opensuse/atheme&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/atheme&distro=openSUSE%20Tumbleweed

Vulnerabilities (4)

  • CVE-2022-24976Feb 13, 2022
    affected < 7.2.12-2.1fixed 7.2.12-2.1

    Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence.

  • CVE-2017-6384HigMar 2, 2017
    affected < 7.2.11-1.6fixed 7.2.11-1.6

    Memory leak in the login_user function in saslserv/main.c in saslserv/main.so in Atheme 7.2.7 allows a remote unauthenticated attacker to consume memory and cause a denial of service. This is fixed in 7.2.8.

  • CVE-2016-4478HigJun 13, 2016
    affected < 7.2.7-1.1fixed 7.2.7-1.1

    Buffer overflow in the xmlrpc_char_encode function in modules/transport/xmlrpc/xmlrpclib.c in Atheme before 7.2.7 allows remote attackers to cause a denial of service via vectors related to XMLRPC response encoding.

  • CVE-2014-9773HigJun 13, 2016
    affected < 7.2.7-1.1fixed 7.2.7-1.1

    modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the (1) LIST, (2) CLEAR, or (3) MODIFY keyword nicks.