ngIRCd: Buffer overflow — GLSA 200501-40

ngIRCd is vulnerable to a buffer overflow that can be used to crash the daemon and possibly execute arbitrary code.

Affected Packages

net-irc/ngircd on all architectures
Affected versions < 0.8.2
Unaffected versions >= 0.8.2

Background

ngIRCd is a free open source daemon for Internet Relay Chat (IRC).

Description

Florian Westphal discovered a buffer overflow caused by an integer underflow in the Lists_MakeMask() function of lists.c.

Impact

A remote attacker can exploit this buffer overflow to crash the ngIRCd daemon and possibly execute arbitrary code with the rights of the ngIRCd daemon process.

Workaround

There is no known workaround at this time.

Resolution

All ngIRCd users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-irc/ngIRCd-0.8.2"

References

Release Date
January 28, 2005

Latest Revision
May 22, 2006: 02

Severity
high

Exploitable
remote

Bugzilla entries