Explore top 10 tips to secure your open-source projects now. Read More
×
Two security issues were discovered in the modules of the InspIRCd IRC daemon, which could result in denial of service. CVE-2019-20917 . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2375-1
Two security issues were discovered in the pgsql and mysql modules of the InspIRCd IRC daemon, which could result in denial of service. For the stable distribution (buster), these problems have been fixed in . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4764-1
It was discovered that incorrect SASL authentication in the Inspircd IRC server may lead to users impersonating other users. For the stable distribution (jessie), this problem has been fixed in . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3662-1
It was discovered that inspircd, an IRC daemon, incorrectly handled PTR lookups of connecting users. This flaw allowed a remote attacker to crash the application by setting up malformed DNS records, thus causing a denial-of-service, . - ------------------------------------------------------------------------- Debian Security Advisory DSA-3527-1
A heap-based buffer overflow in InspIRCd may allow execution of arbitrary code.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201204-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: InspIRCd: Arbitrary code execution Date: April 10, 2012 Bugs: #409159 ID: 201204-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= A heap-based buffer overflow in InspIRCd may allow execution of arbitrary code. Background ========= InspIRCd (Inspire IRCd) is a modular C++ IRC daemon Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-irc/inspircd < 2.0.5-r1 > = 2.0.5-r1 Description ========== A vulnerability in InspIRCd allows DNS compression features to control the number of overflowed bytes sent to the heap-based buffer "res[]" in dns.cpp. Impact ===== A remote attacker could send specially crafted DNS responses, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround ========= There is no known workaround at this time. Resolution ========= All InspIRCd users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =net-irc/inspircd-2.0.5-r1" References ========= [ 1 ] CVE-2012-1836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1836 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201204-02 Concerns? ======== Security is a primaryfocus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to
It was discovered that a heap-based buffer overflow in InspIRCd could allow remote attackers to execute arbitrary code via a crafted DNS query. For the stable distribution (squeeze), this problem has been fixed in . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2448-1
A buffer overflow in InspIRCd allows remote attackers to cause a Denial of Service.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200805-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: InspIRCd: Denial of Service Date: May 09, 2008 Bugs: #215704 ID: 200805-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= A buffer overflow in InspIRCd allows remote attackers to cause a Denial of Service. Background ========= InspIRCd (Inspire IRCd) is a modular C++ IRC daemon. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-irc/inspircd < 1.1.19 > = 1.1.19 Description ========== The "namesx" and "uhnames" modules do not properly validate network input, leading to a buffer overflow. Impact ===== A remote attacker can send specially crafted IRC commands to the server, causing a Denial of Service. Workaround ========= Unload the "uhnames" module in the InspIRCd configuration. Resolution ========= All InspIRCd users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =net-irc/inspircd-1.1.19" References ========= [ 1 ] CVE-2008-1925 https://www.cve.org/CVERecord?id=CVE-2008-1925 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200805-08 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is ofutmost importance to us. Any security concerns should be addressed to
Get the latest Linux and open source security news straight to your inbox.