Unreal IRCd information disclosure
| unreal-ircd-information-disclosure (16610) |  Medium Risk |
Description:
Unreal IRCd could allow a remote attacker to obtain sensitive information, caused by a vulnerability in the IPv4 hashing scheme. The IPv4 hashing scheme uses a weak hashing system consisting of three keys to prevent users from viewing the IP address of other users. If a remote attacker knows one plain text and hashed IP address and one other hashed IP address, a remote attacker could use brute-force techniques to obtain sensitive information, such as determining the IP addresses of other chat users.
Platforms Affected:
- Unreal IRCd, Unreal IRCd 3.2
Remedy:
Upgrade to the latest version of Unreal IRCd (3.2.1 or later), available from the Unreal IRCd Web site. See References.
Consequences:
Obtain Information
References:
- BugTraq Mailing List, Mon Jul 05 2004 - 06:16:51 CDT , unreal ircd ip cloaking subsystem vulnerability at http://archives.neohapsis.com/archives/bugtraq/2004-07/0036.html.
- Unreal IRCd homepage, UnrealIRCd Homepage at http://www.unrealircd.com/.
- BID-10663: Unreal IRCD Cloak.C IP Address Disclosure Vulnerability
- CVE-2004-0679: The IP cloaking feature (cloak.c) in UnrealIRCd 3.2, and possibly other versions, uses a weak hashing scheme to hide IP addresses, which could allow remote attackers to use brute force methods to gain other user's IP addresses.
Reported:
Jul 05, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net