CVE-2006-1214

UnrealIRCd 3.2.3 - Denial of Service via Malformed TKL Q:Line Commands

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1214. PoCs published by Brandon Milner.

AI-analyzed exploit summary This exploit triggers a denial-of-service in UnrealIRCd 3.2.3 by sending malformed server-link commands, causing the server to crash. It establishes a TCP connection and sends a crafted 'TKL' command with invalid characters.

Description

UnrealIRCd 3.2.3 allows remote attackers to cause an unspecified denial of service by causing a linked server to send malformed TKL Q:Line commands, as demonstrated by "TKL - q\x08Q *\x08PoC."

Exploits (1)

exploitdb WORKING POC VERIFIED

by Brandon Milner · perldoswindows

https://www.exploit-db.com/exploits/27407

View Code ZIP pw:eip

This exploit triggers a denial-of-service in UnrealIRCd 3.2.3 by sending malformed server-link commands, causing the server to crash. It establishes a TCP connection and sends a crafted 'TKL' command with invalid characters.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: UnrealIRCd 3.2.3

No auth needed

Prerequisites: Network access to the target IRC server · Knowledge of the server's link password (if configured)

MITRE ATT&CK