CVE-2009-4652
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/02/2010
Last modified:
11/04/2025
Description
The (1) Conn_GetCipherInfo and (2) Conn_UsesSSL functions in src/ngircd/conn.c in ngIRCd 13 and 14, when SSL/TLS support is present and standalone mode is disabled, allow remote attackers to cause a denial of service (application crash) by sending the MOTD command from another server in the same IRC network, possibly related to an array index error.
Impact
Base Score 2.0
2.60
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:ngircd:ngircd:13:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ngircd:ngircd:14:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git%3Ba%3Dblobdiff%3Bf%3Dsrc/ngircd/conn.c%3Bh%3Dc6095a31c613bc5ca127d55b8723e15b836f1cca%3Bhp%3D9752a6191c7e2da5b0df64779e9cc28ad1e6241c%3Bhb%3D627b0b713c52406e50c84bb9459e7794262920a2%3Bhpb%3D95428a72ffb5214826b61d5e77f860e7ef6a6c9e
- http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git%3Ba%3Dcommit%3Bh%3D627b0b713c52406e50c84bb9459e7794262920a2
- http://ngircd.barton.de/doc/ChangeLog
- http://ngircd.barton.de/doc/NEWS
- http://secunia.com/advisories/37343
- http://www.securityfocus.com/bid/37021
- http://www.vupen.com/english/advisories/2009/3240
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54272
- http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git%3Ba%3Dblobdiff%3Bf%3Dsrc/ngircd/conn.c%3Bh%3Dc6095a31c613bc5ca127d55b8723e15b836f1cca%3Bhp%3D9752a6191c7e2da5b0df64779e9cc28ad1e6241c%3Bhb%3D627b0b713c52406e50c84bb9459e7794262920a2%3Bhpb%3D95428a72ffb5214826b61d5e77f860e7ef6a6c9e
- http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git%3Ba%3Dcommit%3Bh%3D627b0b713c52406e50c84bb9459e7794262920a2
- http://ngircd.barton.de/doc/ChangeLog
- http://ngircd.barton.de/doc/NEWS
- http://secunia.com/advisories/37343
- http://www.securityfocus.com/bid/37021
- http://www.vupen.com/english/advisories/2009/3240
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54272