mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-20 20:09:11 +00:00
Document vulnerability in irc/inspircd
No CVEs have been assigned at this time.
This commit is contained in:
parent
625a339252
commit
7cda5a90ee
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=421432
@ -58,6 +58,34 @@ Notes:
|
||||
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
|
||||
-->
|
||||
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
|
||||
<vuln vid="70c85c93-743c-11e6-a590-14dae9d210b8">
|
||||
<topic>inspircd -- authentication bypass vulnerability</topic>
|
||||
<affects>
|
||||
<package>
|
||||
<name>inspircd</name>
|
||||
<range><lt>2.0.23</lt></range>
|
||||
</package>
|
||||
</affects>
|
||||
<description>
|
||||
<body xmlns="http://www.w3.org/1999/xhtml">
|
||||
<p>Adam reports:</p>
|
||||
<blockquote cite="http://www.inspircd.org/2016/09/03/v2023-released.html">
|
||||
<p>A serious vulnerability exists in when using m_sasl in
|
||||
combination with any services that support SASL EXTERNAL.
|
||||
To be vulnerable you must have m_sasl loaded, and have services which
|
||||
support SASL EXTERNAL authentication.</p>
|
||||
</blockquote>
|
||||
</body>
|
||||
</description>
|
||||
<references>
|
||||
<url>http://www.inspircd.org/2016/09/03/v2023-released.html</url>
|
||||
</references>
|
||||
<dates>
|
||||
<discovery>2016-09-03</discovery>
|
||||
<entry>2016-09-06</entry>
|
||||
</dates>
|
||||
</vuln>
|
||||
|
||||
<vuln vid="9e50dcc3-740b-11e6-94a2-080027ef73ec">
|
||||
<topic>mailman -- CSRF hardening in parts of the web interface</topic>
|
||||
<affects>
|
||||
|
Loading…
Reference in New Issue
Block a user