ngIRCd is prone to multiple denial-of-service vulnerabilities when the server is running with SSL/TLS support. Attackers can leverage these issues to crash the server and deny access to legitimate users. ngIRCd 13 through ngIRCd 14 are vulnerable these issues have been fixed in ngIRCd 14.1.
Updates are available. Please see the references for details.
- Oracle VM VirtualBox Local Denial of Service Vulnerability-01 Oct2013 (Windows)
- Kingsoft Antivirus 'KisKrnl.sys' Driver Denial of Service Vulnerability
- Oracle VM VirtualBox Unspecified Denial of Service Vulnerability (Mac OS X)
- WinFTP Server PASV Command Denial of Service Vulnerability
- Perl Denial of Service Vulnerability Jan 2015 (Windows)