CVE-2016-7144

HIGH

Unrealircd < 3.2.10.5 - Authentication Bypass

Title source: rule

Description

The m_authenticate function in modules/m_sasl.c in UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.

Exploits (1)

nomisec WORKING POC

by Huyn-coder · poc

https://github.com/Huyn-coder/CVE-2016-7144-IDPS

View Code ZIP pw:eip

References (5)

[Patch] https://github.com/unrealircd/unrealircd/commit/f473e355e1dc422c4f019dbf86bc50ba1a34a766

[Vendor Advisory] https://forums.unrealircd.org/viewtopic.php?f=1&t=8588

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/92763

[Mailing List, Third Party Advisory] http://www.openwall.com/lists/oss-security/2016/09/05/8

[Mailing List, Third Party Advisory] http://www.openwall.com/lists/oss-security/2016/09/04/3

Scores

CVSS v3 8.1

EPSS 0.0239

EPSS Percentile 85.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-287

Status published

Products (8)

unrealircd/unrealircd 4.0.0

unrealircd/unrealircd 4.0.1

unrealircd/unrealircd 4.0.2

unrealircd/unrealircd 4.0.3

unrealircd/unrealircd 4.0.3.1

unrealircd/unrealircd 4.0.4

unrealircd/unrealircd 4.0.5

unrealircd/unrealircd < 3.2.10.5

Published Jan 18, 2017

Tracked Since Feb 18, 2026