CVE-2004-0605

ircd-hybrid < 7.0.1 and ircd-ratbox < 1.5.1 - Unauthenticated Denial of Service via Rate-Limit Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0605. PoCs published by Erik Sperling Johansen.

AI-analyzed exploit summary This exploit demonstrates a denial-of-service (DoS) vulnerability in multiple IRC daemon implementations by exhausting memory resources through rapid connection and data transmission. It targets a flaw in the deallocation of buffers used by rate-limiting mechanisms.

Description

Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ircd-ratbox 1.5.1 and earlier, or (3) ircd-ratbox 2.0rc6 and earlier do not have a rate-limit imposed, which could allow remote attackers to cause a denial of service by repeatedly making requests, which are slowly dequeued.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Erik Sperling Johansen · cdoslinux
https://www.exploit-db.com/exploits/24222

This exploit demonstrates a denial-of-service (DoS) vulnerability in multiple IRC daemon implementations by exhausting memory resources through rapid connection and data transmission. It targets a flaw in the deallocation of buffers used by rate-limiting mechanisms.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: ircd-hybrid (7.0.1 and earlier), ircd-ratbox (1.5.1 and earlier, 2.0rc6 and earlier)
No auth needed
Prerequisites: Network access to the target IRC server · Ability to establish multiple TCP connections
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16457
Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/10572
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=108766803817406&w=2

Scores

EPSS 0.0733
EPSS Percentile 93.6%

Details

CWE
CWE-16
Status published
Products (2)
ircd-hybrid/ircd-hybrid < 7.0.1
ircd-ratbox/ircd-ratbox < 1.5.1
Published Dec 06, 2004
Tracked Since Feb 18, 2026