CVE-2009-4652

CVE-2009-4652 · LOW Severity

AV:N/AC:H/AU:N/C:N/I:N/A:P

The (1) Conn_GetCipherInfo and (2) Conn_UsesSSL functions in src/ngircd/conn.c in ngIRCd 13 and 14, when SSL/TLS support is present and standalone mode is disabled, allow remote attackers to cause a denial of service (application crash) by sending the MOTD command from another server in the same IRC network, possibly related to an array index error.

Learn more about our Cis Benchmark Audit For Server Software.