N/A

Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ircd-ratbox 1.5.1 and earlier, or (3) ircd-ratbox 2.0rc6 and earlier do not have a rate-limit imposed, which could allow remote attackers to cause a denial of service by repeatedly making requests, which are slowly dequeued.

N/A

N/A

多个ircd套接口出列远程拒绝服务漏洞

hybrid 7和ircd-ratbox是在线即时聊天服务程序。 hybrid 7和ircd-ratbox不正确处理速率限制机制，远程攻击者可以利用这个漏洞对服务程序进行拒绝服务攻击。 Ircd中的速率限制机制使用的缓冲区分配出列上存在问题，攻击者可以利用较小的速率而消耗系统大量内存，造成拒绝服务攻击。

N/A

N/A