CVE-1999-0679

hybrid_ircd < 6.0beta58 - Remote Code Execution via m_invite Invite Option

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0679. PoCs published by jduck & stranjer.

AI-analyzed exploit summary The vulnerability in ircd hybrid-6 (up to beta 58) involves a buffer overflow in the invite handling code (m_invite) when processing channel invitations in channels with +pi modes. The overflow can be exploited to gain remote access to the IRC server, often with the privileges of the 'irc' user.

Description

Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows remote attackers to execute commands via m_invite invite option.

Exploits (1)

exploitdb WRITEUP VERIFIED
by jduck & stranjer · textremotemultiple
https://www.exploit-db.com/exploits/19459

The vulnerability in ircd hybrid-6 (up to beta 58) involves a buffer overflow in the invite handling code (m_invite) when processing channel invitations in channels with +pi modes. The overflow can be exploited to gain remote access to the IRC server, often with the privileges of the 'irc' user.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: ircd hybrid-6 (up to beta 58)
No auth needed
Prerequisites: Access to the IRC server · Channel with +pi modes
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2
Core References
Various Sources x_refsource_confirm
http://www.efnet.org/archive/servers/hybrid/ChangeLog
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/581

Scores

EPSS 0.0326
EPSS Percentile 87.0%

Details

Status published
Products (2)
hybrid_network/hybrid_ircd 5.03p7
hybrid_network/hybrid_ircd < 6.0beta58
Published Aug 13, 1999
Tracked Since Feb 18, 2026