FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

inspircd -- buffer overflow

Affected packages
1.2 <= inspircd < 1.2.9
2.0 <= inspircd < 2.0.5_2


VuXML ID f5f00804-a03b-11e1-a284-0023ae8e59f0
Discovery 2012-03-19
Entry 2012-05-17
Modified 2012-06-21

InspIRCd reports:

InspIRCd contains a heap corruption vulnerability that exists in the dns.cpp code. The res[] buffer is allocated on the heap and can be overflowed. The res[] buffer can be exploited during its deallocation. The number of overflowed bytes can be controlled with DNS compression features.


CVE Name CVE-2012-1836