UnrealIRCd IP Cloaking Weakness Information Disclosure

medium Nessus Plugin ID 12297

Synopsis

The remote host appears to be running an IRC server.

Description

The remote host is running UnrealIRCd, a popular IRC server.

The remote version of this server provides an 'IP cloaking' capability that hides the IP addresses of users connected to the server in order to preserve their anonymity.

A design error in the cloaking algorithm used by the server reduces the number of tries needed to guess the real IP address of another user of the server to 2,000, which could allow an attacker to recover that address.

Solution

Upgrade to UnrealIRCd 3.2.1.

Plugin Details

Severity: Medium

ID: 12297

File Name: unreal_ircd_cloaking.nasl

Version: 1.15

Type: remote

Family: Misc.

Published: 7/5/2004

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:unrealircd:unrealircd

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 7/5/2004

Reference Information

CVE: CVE-2004-0679

BID: 10663