Peter Powell - Security Researcher - Exploit Intelligence Platform

CVE-2019-20917 WRITEUP MEDIUM WRITEUP

InspIRCd <2.0.28-3.3.0 - Use After Free

An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server.

CVSS 6.5

View Code

CVE-2019-20918 WRITEUP MEDIUM WRITEUP

InspIRCd 3.0-3.1.0 - Use-After-Free in Silence Module

An issue was discovered in InspIRCd 3 before 3.1.0. The silence module contains a use after free vulnerability. This vulnerability can be used for remote crashing of an InspIRCd server by any user able to fully connect to a server.

CVSS 6.5

View Code

CVE-2019-20917 WRITEUP MEDIUM WRITEUP

InspIRCd <2.0.28-3.3.0 - Use After Free

An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server.

CVSS 6.5

View Code

CVE-2019-20918 WRITEUP MEDIUM WRITEUP

InspIRCd 3.0-3.1.0 - Use-After-Free in Silence Module

An issue was discovered in InspIRCd 3 before 3.1.0. The silence module contains a use after free vulnerability. This vulnerability can be used for remote crashing of an InspIRCd server by any user able to fully connect to a server.

CVSS 6.5

View Code