CVE-2021-33586

medium

Description

InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user (able to connect to the server) to access recently deallocated memory, aka the "malformed PONG" issue.

References

Advisories
More

https://security.gentoo.org/glsa/202107-22

https://github.com/inspircd/inspircd/commit/4350a11c663b0d75f8119743bffb7736d87abd4d

https://docs.inspircd.org/security/2021-01/

Details

Source: Mitre, NVD

Published: 2021-05-27

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N