Debian Security Advisory

DSA-2448-1 inspircd -- buffer overflow

Date Reported:
10 Apr 2012
Affected Packages:
inspircd
Vulnerable:
Yes
Security database references:
In the Debian bugtracking system: Bug 667914.
In Mitre's CVE dictionary: CVE-2012-1836.
More information:

It was discovered that a heap-based buffer overflow in InspIRCd could allow remote attackers to execute arbitrary code via a crafted DNS query.

For the stable distribution (squeeze), this problem has been fixed in version 1.1.22+dfsg-4+squeeze1.

For the testing distribution (wheezy), this problem has been fixed in version 1.1.22+dfsg-4+wheezy1.

For the unstable distribution (sid), this problem has been fixed in version 2.0.5-0.1.

We recommend that you upgrade your inspircd packages.