Remote Code Execution in Atheme: Exploiting Anope FLAGS Behavior

Remote Code Execution in Atheme: Exploiting Anope FLAGS Behavior

CVE-2014-9773 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the (1) LIST, (2) CLEAR, or (3) MODIFY keyword nicks.

Learn more about our Web Application Penetration Testing UK.