A buffer overflow in InspIRCd allows remote attackers to cause a Denial of Service.
Package | net-irc/inspircd on all architectures |
---|---|
Affected versions | < 1.1.19 |
Unaffected versions | >= 1.1.19 |
InspIRCd (Inspire IRCd) is a modular C++ IRC daemon.
The "namesx" and "uhnames" modules do not properly validate network input, leading to a buffer overflow.
A remote attacker can send specially crafted IRC commands to the server, causing a Denial of Service.
Unload the "uhnames" module in the InspIRCd configuration.
All InspIRCd users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-irc/inspircd-1.1.19"
Release date
May 09, 2008
Latest revision
May 09, 2008: 01
Severity
normal
Exploitable
remote
Bugzilla entries