CVE-2016-7142

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-7142

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7142.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-7142

Related

Published

2016-09-26T15:59:03Z

Modified

2025-01-15T01:15:57.877837Z

Severity

5.9 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

The msasl module in InspIRCd before 2.0.23, when used with a service that supports SASLEXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message.

References

Affected packages

Debian:11 / inspircd

Package

Name: inspircd
Purl: pkg:deb/debian/inspircd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.23-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / inspircd

Package

Name: inspircd
Purl: pkg:deb/debian/inspircd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.23-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / inspircd

Package

Name: inspircd
Purl: pkg:deb/debian/inspircd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.23-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/inspircd/inspircd

Affected ranges

Type: GIT
Repo: https://github.com/inspircd/inspircd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

74fafb7f11b06747f69f182ad5e3769b665eea7a

Fixed

74fafb7f11b06747f69f182ad5e3769b665eea7a

Affected versions

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.1.0

v1.1.0a1

v1.1.0b1

v1.1.0b2

v1.1.0b3

v1.1.0b4

v1.1.0b5

v1.1.0b6

v1.1.0b6.1

v1.1.0b7

v1.1.0b8

v1.1.0b9

v1.1.0fork

v1.1.1

v1.1.10

v1.1.2

v1.1.3

v1.1.4

v1.1.5

v1.1.6

v1.1.7

v1.1.8

v1.1.9

v1.2.0

v1.2.0a1

v1.2.0a2

v1.2.0a3

v1.2.0a4

v1.2.0a5

v1.2.0a6

v1.2.0b1

v1.2.0b2

v1.2.0b3

v1.2.0b4

v1.2.0fork

v1.2.0rc1

v1.2.0rc2

v1.2.0rc3

v1.2.0rc4

v1.2.0rc5

v2.*

v2.0.0

v2.0.0a1

v2.0.0a2

v2.0.0b1

v2.0.0b2

v2.0.0b3

v2.0.0b4

v2.0.0rc1

v2.0.0rc2

v2.0.1

v2.0.10

v2.0.11

v2.0.12

v2.0.13

v2.0.14

v2.0.15

v2.0.16

v2.0.17

v2.0.18

v2.0.19

v2.0.2

v2.0.20

v2.0.21

v2.0.22

v2.0.3

v2.0.4

v2.0.5

v2.0.6rc1

v2.0.7

v2.0.8

v2.0.9

v2.0fork