| VID |
23130 |
| Severity |
20 |
| Port |
6667 |
| Protocol |
TCP |
| Class |
IRCD |
| Detailed Description |
The ignitionServer, according to its banner, has a denial of service vulnerability in the SERVER command. ignitionServer is an Internet Relay Chat (IRC) Server for Microsoft Windows platforms. ignitionServer versions 0.1.2 through 0.3.1 are vulnerable to a denial of service attack, caused due to insufficient restrictions on the "SERVER" command. This command is designed for server to server communication, but can be exploited by clients to introduce non-existing servers to the network. This can further be exploited to cause a denial of service by introducing multiple servers, which can potentially flood the network.
* Note: This check solely relied on the banner of the remote IRC server to assess this vulnerability, so this might be a false positive.
* References:
http://secunia.com/advisories/12374/
* Platforms Affected:
ignitionServer versions 0.1.2 through 0.3.1
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of ignitionServer (0.3.2 or later), available from the Ignition Project Download Web page at http://www.ignition-project.com/download |
| Related URL |
(CVE) |
| Related URL |
11041 (SecurityFocus) |
| Related URL |
17103 (ISS) |
|
