Multiple IRC Client Non-registered User parse_client_queued Saturation DoS

This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.


Synopsis :

The remote IRC server is affected by a denial of service attack.

Description :

The remote host is running a version of ircd which is vulnerable
to a rate-limiting Denial of Service (DoS) attack. The flaw is
in the fact that the IRCD daemon reserves more than 500 bytes of
memory for each line received.

An attacker, exploiting this flaw, would need network access to the
IRC server. A successful attack would render the IRC daemon, and
possibly the entire system, unusable.

The following IRC daemons are known to be vulnerable:
IRCD-Hybrid ircd-hybrid 7.0.1
ircd-ratbox ircd-ratbox 1.5.1
ircd-ratbox ircd-ratbox 2.0 rc6

See also :

http://archives.neohapsis.com/archives/bugtraq/2004-06/0299.html

Solution :

Upgrade to ircd-ratbox 1.5.2 and 2.0rc7 or IRCD-Hybrid 7.0.2.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Denial of Service

Nessus Plugin ID: 14253 (ircd_rate_limiting.nasl)

Bugtraq ID: 10572

CVE ID: CVE-2004-0605