1. Gentoo Linux Security Advisory
| Advisory Reference | GLSA 200805-08 / inspircd |
| Release Date | May 09, 2008 |
| Latest Revision | May 09, 2008: 01 |
| Impact | normal |
| Exploitable | remote |
| Package | Vulnerable versions | Unaffected versions | Architecture(s) |
| net-irc/inspircd | < 1.1.19 | >= 1.1.19 | All supported architectures |
Related bugreports: #215704
A buffer overflow in InspIRCd allows remote attackers to cause a Denial of Service.
InspIRCd (Inspire IRCd) is a modular C++ IRC daemon.
The "namesx" and "uhnames" modules do not properly validate network input, leading to a buffer overflow.
A remote attacker can send specially crafted IRC commands to the server, causing a Denial of Service.
Unload the "uhnames" module in the InspIRCd configuration.
All InspIRCd users should upgrade to the latest version:
Code Listing 3.1: Resolution |
# emerge --sync # emerge --ask --oneshot --verbose ">=net-irc/inspircd-1.1.19" |