Description
The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows
remote DNS servers to cause a denial of service (netsplit) via an invalid
character in a PTR response, as demonstrated by a "\032" (whitespace)
character in a hostname.
Package
| Upstream: | released
(2.0.20-1)
|
| Ubuntu 14.04 ESM: | DNE
(trusty was released [2.0.5-1+deb7u2build0.14.04.1])
|
| Ubuntu 20.04 FIPS Compliant: | not-affected
|
Patches:
Updated: 2022-04-13 12:07:35 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)