oss-sec mailing list archives

Re: CVE Request: inspircd


From: "Steven M. Christey" <coley () linus mitre org>
Date: Wed, 23 Apr 2008 12:12:08 -0400 (EDT)


On Tue, 22 Apr 2008, Micah Anderson wrote:


> Versions prior to 1.1.17 of InspIRCd are vulnerable to a remotely
> triggerable buffer overflow which can lead to a Denial of Service
> (daemon crash) when the namesx and uhnames modules are loaded.

The reference you pointed to is for a fix in 1.1.18, which suggests that
1.1.17 is vulnerable.

Thanks for the clarification of the issue - the vendor's post only alluded
to "security" with no additional details, which left a lot of vuln DBs
guessing.

- Steve

======================================================
Name: CVE-2008-1925
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1925
Reference: MISC:http://www.inspircd.org/bugtrack/view_bug.php?bug_id=438
Reference: CONFIRM:http://www.inspircd.org/forum/showthread.php?t=2945
Reference: MLIST:[oss-security] 20080422 CVE Request: inspircd
Reference: URL:http://www.openwall.com/lists/oss-security/2008/04/22/3
Reference: FRSIRT:ADV-2008-1041
Reference: URL:http://www.frsirt.com/english/advisories/2008/1041/references
Reference: SECUNIA:29610
Reference: URL:http://secunia.com/advisories/29610

Buffer overflow in InspIRCd before 1.1.18, when using the namesx and
uhnames modules, allows remote attackers to cause a denial of service
(daemon crash) via a large number of channel users with crafted
nicknames, idents, and long hostnames.



