CVE-2012-1836

Priority
Medium
Description
Heap-based buffer overflow in dns.cpp in InspIRCd 2.0.5 might allow remote
attackers to execute arbitrary code via a crafted DNS query that uses
compression.
References
Bugs
Package
Upstream:released (2.0.5-0.1)
Ubuntu 8.04 LTS (Hardy Heron):ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):released (1.1.22+dfsg-4squeeze1build0.10.04.1)
Ubuntu 11.04 (Natty Narwhal):released (1.1.22+dfsg-4squeeze1build0.11.04.1)
Ubuntu 11.10 (Oneiric Ocelot):released (1.1.22+dfsg-4ubuntu1.1)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (1.1.22+dfsg-4ubuntu2)
Patches:
Patch:https://github.com/inspircd/inspircd/commit/fe7dbd2c104c37f6f3af7d9f1646a3c332aea4a4
Vendor:http://www.debian.org/security/2012/dsa-2448
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:22:44 UTC (commit 5347)