Home > Vulnerability Database > CVE-2009-4652

Mend.io Vulnerability Database

CVE-2009-4652

Date: February 26, 2010

The (1) Conn_GetCipherInfo and (2) Conn_UsesSSL functions in src/ngircd/conn.c in ngIRCd 13 and 14, when SSL/TLS support is present and standalone mode is disabled, allow remote attackers to cause a denial of service (application crash) by sending the MOTD command from another server in the same IRC network, possibly related to an array index error.

Language: C

Severity Score

5.0

Related Resources (10)

Url: http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git%3Ba=blobdiff%3Bf=src/ngircd/conn.c%3Bh=c6095a31c613bc5ca127d55b8723e15b836f1cca%3Bhp=9752a6191c7e2da5b0df64779e9cc28ad1e6241c%3Bhb=627b0b713c52406e50c84bb9459e7794262920a2%3Bhpb=95428a72ffb5214826b61d5e77f860e7ef6a6c9e

Url: http://www.vupen.com/english/advisories/2009/3240

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/54272

Url: http://www.securityfocus.com/bid/37021

Url: http://ngircd.barton.de/doc/NEWS

Url: http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git%3Ba=commit%3Bh=627b0b713c52406e50c84bb9459e7794262920a2

Url: http://secunia.com/advisories/37343

Url: https://nvd.nist.gov/vuln/detail/CVE-2009-4652

Url: http://ngircd.barton.de/doc/ChangeLog

Url: https://www.mend.io/vulnerability-database/CVE-2009-4652

Severity Score

5.0

CVSS v3

Base Score:	5.0
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL

CVSS v2

Base Score:	8.1
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2009-4652

Date: February 26, 2010

Language: C

Severity Score

Related Resources (10)

Severity Score

CVSS v3

CVSS v2

Do you need more information?