CVE-2009-4652

EUVD-2009-4617
The (1) Conn_GetCipherInfo and (2) Conn_UsesSSL functions in src/ngircd/conn.c in ngIRCd 13 and 14, when SSL/TLS support is present and standalone mode is disabled, allow remote attackers to cause a denial of service (application crash) by sending the MOTD command from another server in the same IRC network, possibly related to an array index error.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.6 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:N/I:N/A:P
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
Debian logo
Debian Releases
Debian Product
Codename
ngircd
bookworm
26.1-1+deb12u1
fixed
bullseye
26.1-1+deb11u1
fixed
lenny
not-affected
sid
27-2
fixed
trixie
27-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ngircd
artful
ignored
bionic
not-affected
cosmic
not-affected
dapper
ignored
hardy
ignored
intrepid
ignored
jaunty
ignored
karmic
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
ignored
precise
ignored
quantal
ignored
raring
ignored
saucy
ignored
trusty
dne
utopic
ignored
vivid
ignored
wily
ignored
xenial
not-affected
yakkety
ignored
zesty
ignored
References
http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git%3Ba=blobdiff%3Bf=src/ngircd/conn.c%3Bh=c6095a31c613bc5ca127d55b8723e15b836f1cca%3Bhp=9752a6191c7e2da5b0df64779e9cc28ad1e6241c%3Bhb=627b0b713c52406e50c84bb9459e7794262920a2%3Bhpb=95428a72ffb5214826b61d5e77f860e7ef6a6c9e
http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git%3Ba=commit%3Bh=627b0b713c52406e50c84bb9459e7794262920a2
http://ngircd.barton.de/doc/ChangeLog
http://ngircd.barton.de/doc/NEWS
http://secunia.com/advisories/37343
http://www.securityfocus.com/bid/37021
http://www.vupen.com/english/advisories/2009/3240
https://exchange.xforce.ibmcloud.com/vulnerabilities/54272
http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git%3Ba=blobdiff%3Bf=src/ngircd/conn.c%3Bh=c6095a31c613bc5ca127d55b8723e15b836f1cca%3Bhp=9752a6191c7e2da5b0df64779e9cc28ad1e6241c%3Bhb=627b0b713c52406e50c84bb9459e7794262920a2%3Bhpb=95428a72ffb5214826b61d5e77f860e7ef6a6c9e
http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git%3Ba=commit%3Bh=627b0b713c52406e50c84bb9459e7794262920a2
http://ngircd.barton.de/doc/ChangeLog
http://ngircd.barton.de/doc/NEWS
http://secunia.com/advisories/37343
http://www.securityfocus.com/bid/37021
http://www.vupen.com/english/advisories/2009/3240
https://exchange.xforce.ibmcloud.com/vulnerabilities/54272