ngIRCd is prone to multiple denial-of-service vulnerabilities when the server is running with SSL/TLS support. Attackers can leverage these issues to crash the server and deny access to legitimate users. ngIRCd 13 through ngIRCd 14 are vulnerable these issues have been fixed in ngIRCd 14.1.
Updates are available. Please see the references for details.
- TheGreenBow IPSec VPN Client Denial Of Service Vulnerability
- Apache 'mod_proxy_ftp' Module Denial Of Service Vulnerability (Linux)
- Wireshark IKE Packet Denial of Service Vulnerability (Win)
- Wireshark IEEE 802.11 Dissector Denial of Service Vulnerability (Mac OS X)
- Oracle VM VirtualBox Unspecified Denial of Service Vulnerability (Mac OS X)