HIGH
Unrealircd
CVE published 2017-01-18
CVE-2016-7144
CVE-2016-7144 is a high-severity authentication bypass in UnrealIRCd. A remote attacker could spoof certificate fingerprints and log in as another user by sending a crafted AUTHENTICATE parameter to the m_authenticate function in modules/m_sasl.c. The issue was publicly discussed in September 2016 advisory threads and later published in the CVE/NVD record on 2017-01-18.