ngIRCd is prone to multiple denial-of-service vulnerabilities when the server is running with SSL/TLS support. Attackers can leverage these issues to crash the server and deny access to legitimate users. ngIRCd 13 through ngIRCd 14 are vulnerable these issues have been fixed in ngIRCd 14.1.
Updates are available. Please see the references for details.
- PHP pdo_sql_parser.re 'PDO' extension DoS vulnerability (Windows)
- Samba 'etc/mtab' File Appending Local Denial of Service Vulnerability
- Wireshark IKE Packet Denial of Service Vulnerability (Win)
- Wireshark Multiple Denial of Service Vulnerabilities - July 12 (Mac OS X)
- Wireshark IEEE 802.11 Dissector Denial of Service Vulnerability (Windows)