UnrealIRCd IP Cloaking Weakness Information Disclosure

Medium Nessus Plugin ID 12297


The remote host appears to be running an IRC server.


The remote host is running UnrealIRCd, a popular IRC server.

The remote version of this server offers an 'IP cloaking' capability that offers to hide the IP address of the users connected to the server in order to preserve their anonymity.

There is a design error in the algorithm used by the server that could allow an attacker to guess the real IP address of another user of the server by reducing the number of tries to 2,000.


Upgrade to UnrealIRCd 3.2.1

Plugin Details

Severity: Medium

ID: 12297

File Name: unreal_ircd_cloaking.nasl

Version: $Revision: 1.13 $

Type: remote

Family: Misc.

Published: 2004/07/05

Modified: 2013/02/06

Dependencies: 11156, 17975, 11153

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:unrealircd:unrealircd

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2004/07/05

Reference Information

CVE: CVE-2004-0679

BID: 10663

OSVDB: 7482