oss-sec mailing list archives
Re: CVE Request: inspircd
From: Micah Anderson <micah () riseup net>
Date: Wed, 23 Apr 2008 19:46:11 -0400
"Steven M. Christey" <coley () linus mitre org> writes:
On Tue, 22 Apr 2008, Micah Anderson wrote:Versions prior to 1.1.17 of InspIRCd are vulnerable to a remotely triggerable buffer overflow which can lead to a Denial of Service (daemon crash) when the namesx and uhnames modules are loaded.The reference you pointed to is for a fix in 1.1.18, which suggests that 1.1.17 is vulnerable.
Sorry for the confusion, that was my mistake.
Thanks for the clarification of the issue - the vendor's post only alluded to "security" with no additional details, which left a lot of vuln DBs guessing.
I was also guessing, thats why I sought clarification :) Micah
Current thread:
- CVE Request: inspircd Micah Anderson (Apr 22)
- Re: CVE Request: inspircd Steven M. Christey (Apr 23)
- Re: CVE Request: inspircd security curmudgeon (Apr 23)
- Re: CVE Request: inspircd Micah Anderson (Apr 23)
- Re: CVE Request: inspircd Steven M. Christey (Apr 23)