Re: CVE Request: inspircd

[Micah Anderson <micah () riseup net>]

"Steven M. Christey" <coley () linus mitre org>
writes:

> On Tue, 22 Apr 2008, Micah Anderson wrote:
>
> > Versions prior to 1.1.17 of InspIRCd are vulnerable to a remotely
> > triggerable buffer overflow which can lead to a Denial of Service
> > (daemon crash) when the namesx and uhnames modules are loaded.
>
> The reference you pointed to is for a fix in 1.1.18, which suggests that
> 1.1.17 is vulnerable.

Sorry for the confusion, that was my mistake.

> Thanks for the clarification of the issue - the vendor's post only alluded
> to "security" with no additional details, which left a lot of vuln DBs
> guessing.

I was also guessing, thats why I sought clarification :)

Micah