Debian Atheme-Services vulnerabilities

5 known vulnerabilities affecting debian/atheme-services.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3LOW1

Vulnerabilities

Page 1 of 1
CVE-2024-27508LOWCVSS 7.52024
CVE-2024-27508 [HIGH] CVE-2024-27508: atheme-services - Atheme 7.2.12 contains a memory leak vulnerability in /atheme/src/crypto-benchma... Atheme 7.2.12 contains a memory leak vulnerability in /atheme/src/crypto-benchmark/main.c. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
CVE-2022-24976CRITICALCVSS 9.1fixed in atheme-services 7.2.12-1 (bookworm)2022
CVE-2022-24976 [CRITICAL] CVE-2022-24976: atheme-services - Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allow... Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence. Scope: local bookworm: resolved (fixed in 7.2.12-1) bullseye: open forky: resolved (fixed in 7.2.12-1) sid: resolved (fixed in 7.2.12-1) trixie: resolved (fixed i
debian
CVE-2017-6384HIGHCVSS 7.5fixed in atheme-services 7.2.9-1 (bookworm)2017
CVE-2017-6384 [HIGH] CVE-2017-6384: atheme-services - Memory leak in the login_user function in saslserv/main.c in saslserv/main.so in... Memory leak in the login_user function in saslserv/main.c in saslserv/main.so in Atheme 7.2.7 allows a remote unauthenticated attacker to consume memory and cause a denial of service. This is fixed in 7.2.8. Scope: local bookworm: resolved (fixed in 7.2.9-1) bullseye: resolved (fixed in 7.2.9-1) forky: resolved (fixed in 7.2.9-1) sid: resolved (fixed in 7.2.9-
debian
CVE-2016-4478HIGHCVSS 7.5fixed in atheme-services 7.0.7-2 (bookworm)2016
CVE-2016-4478 [HIGH] CVE-2016-4478: atheme-services - Buffer overflow in the xmlrpc_char_encode function in modules/transport/xmlrpc/x... Buffer overflow in the xmlrpc_char_encode function in modules/transport/xmlrpc/xmlrpclib.c in Atheme before 7.2.7 allows remote attackers to cause a denial of service via vectors related to XMLRPC response encoding. Scope: local bookworm: resolved (fixed in 7.0.7-2) bullseye: resolved (fixed in 7.0.7-2) forky: resolved (fixed in 7.0.7-2) sid: resolved (fixed i
debian
CVE-2014-9773HIGHCVSS 7.5fixed in atheme-services 7.0.7-2 (bookworm)2014
CVE-2014-9773 [HIGH] CVE-2014-9773: atheme-services - modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modif... modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the (1) LIST, (2) CLEAR, or (3) MODIFY keyword nicks. Scope: local bookworm: resolved (fixed in 7.0.7-2) bullseye: resolved (fixed in 7.0.7-2) forky: resolved (fixed in 7.0.7-2) sid: resolved (fixed in 7.0.7-2) trixie: resolved
debian