OSVDB ID: 7242

Title: Multiple IRC Client Non-registered User parse_client_queued Saturation DoS

Dates

Disclosure: Jun 18, 2004
Discovery: Unknown
Exploit: Jun 20, 2004
Solution: Unknown

Description

IRCD-Hybrid and ircd-ratbox contain a flaw that may allow a remote denial of service. The "parse_client_queued" function imposes no rate limit on lines sent by a client that has not yet registered (identified itself with NICK/USER). By opening a connection, never completing registration, and sending a large number of bare newlines, a remote attacker can cause the server to consume large amounts of memory, resulting in a loss of availability for the platform. No authentication is needed, since the flaw is reachable before registration completes.
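As an added illustration, not code from ircd-hybrid or ircd-ratbox (whose real queue internals this entry does not document), the following toy C model contrasts the two shapes the description implies: a receive queue that buffers every line an unregistered peer sends, beside one that discards bare newlines before they cost anything and disconnects an unregistered client that still exceeds a pending-line cap. The per-line memory cost LINE_BLOCK, the cap UNREG_LINE_CAP, and all function names are assumptions of this model.

```c
/* Toy model of queued-line handling for an IRC server. Added illustration; not
 * code from ircd-hybrid or ircd-ratbox. LINE_BLOCK and UNREG_LINE_CAP are
 * assumed values chosen for the model. */
#include <stdio.h>
#include <stddef.h>
#include <string.h>
#include <stdlib.h>

#define LINE_BLOCK     512   /* assumed memory held per queued line */
#define UNREG_LINE_CAP 10    /* hypothetical ceiling for a client that has not registered */

struct client {
    int registered;        /* 1 once NICK/USER have completed */
    int closed;            /* 1 once the server has dropped the connection */
    size_t queued_lines;   /* lines waiting for the command parser */
    size_t queued_bytes;   /* memory those lines pin */
};

/* Vulnerable shape: every newline-terminated line, empty or not, is queued
 * regardless of whether the peer has registered. Only the attacker's
 * bandwidth bounds the memory the server commits. */
static void queue_lines_vuln(struct client *c, const char *data, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        if (data[i] == '\n') {
            c->queued_lines++;
            c->queued_bytes += LINE_BLOCK;
        }
    }
}

/* Hardened shape: a bare "\n" or "\r\n" is dropped before it costs anything,
 * and an unregistered client that still exceeds the cap is disconnected
 * instead of being buffered further. */
static void queue_lines_fixed(struct client *c, const char *data, size_t len)
{
    size_t line_start = 0;
    for (size_t i = 0; i < len && !c->closed; i++) {
        if (data[i] != '\n')
            continue;
        size_t line_len = i - line_start;
        line_start = i + 1;
        if (line_len == 0 || (line_len == 1 && data[i - 1] == '\r'))
            continue;                       /* nothing to parse, nothing to keep */
        if (!c->registered && c->queued_lines >= UNREG_LINE_CAP) {
            c->closed = 1;                  /* flood before registration: drop the peer */
            break;
        }
        c->queued_lines++;
        c->queued_bytes += LINE_BLOCK;
    }
}

/* Feed raw socket bytes from a fresh connection through either path and
 * return the bytes the server is left holding for that client. */
static size_t feed(int hardened, int registered, const char *data, size_t len,
                   struct client *out)
{
    struct client c = { registered, 0, 0, 0 };
    if (hardened)
        queue_lines_fixed(&c, data, len);
    else
        queue_lines_vuln(&c, data, len);
    if (out)
        *out = c;
    return c.queued_bytes;
}

/* The attack from the description: an unregistered connection sending n bare
 * newlines (constructed input, nothing touches the network). */
static size_t flood_newlines(int hardened, size_t n, struct client *out)
{
    char *buf = malloc(n);
    if (!buf)
        return 0;
    memset(buf, '\n', n);
    size_t held = feed(hardened, 0, buf, n, out);
    free(buf);
    return held;
}

int main(void)
{
    struct client c;
    size_t n = 100000;
    printf("vulnerable: %zu newlines -> %zu bytes queued\n", n, flood_newlines(0, n, &c));
    printf("hardened:   %zu newlines -> %zu bytes queued, closed=%d\n",
           n, flood_newlines(1, n, &c), c.closed);
    /* The same cap also stops a flood of real commands sent before registration. */
    const char *cmds = "PING a\r\nPING b\r\nPING c\r\nPING d\r\nPING e\r\nPING f\r\n"
                       "PING g\r\nPING h\r\nPING i\r\nPING j\r\nPING k\r\nPING l\r\n";
    feed(1, 0, cmds, strlen(cmds), &c);
    printf("hardened:   12 commands before registration -> queued=%zu closed=%d\n",
           c.queued_lines, c.closed);
    return 0;
}
```

The point the model makes is that the memory an unregistered peer can pin must be bounded by the server, not by the attacker's patience: discarding empty lines removes the cheapest flood, and the cap turns a sustained pre-registration flood into a disconnect rather than an allocation.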

Classification

Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Upgrade to ircd-ratbox 1.5.2 or 2.0rc7, or to IRCD-Hybrid 7.0.2 or later; these versions have been reported to fix this vulnerability. No workaround is known, so an upgrade is required.

Products

ircd-ratbox.org: ircd-ratbox 1.5.1, 2.0rc6
ircd-hybrid.org: ircd-hybrid 7.0.1

References

Credit

  • Erik Sperling Johansen


Direct URL: http://osvdb.org/7242