oss-sec mailing list archives
Re: CVE request: 2 issues in inspircd
From: Salvatore Bonaccorso <carnil () debian org>
Date: Wed, 15 Apr 2015 19:22:01 +0200
Hi, On Sun, Mar 29, 2015 at 02:20:44PM +0200, Sébastien Delafond wrote:
Hi, the Debian Security Team is requesting 2 CVEs for inspircd. * the fix that was included in Debian for CVE-2012-1836 is incomplete, and does not solve the original remote code execution problem. See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780880#5 * a DoS can be triggered by invalid DNS packets. See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780880#5 https://github.com/inspircd/inspircd/commit/58c893e834ff20495d007709220881a3ff13f423
For reference, this has been fixed via DSA-3226-1 in Debian: https://lists.debian.org/debian-security-announce/2015/msg00114.html Regards, Salvatore
Current thread:
- Re: CVE request: 2 issues in inspircd Salvatore Bonaccorso (Apr 15)