'[oss-security] CVE request: 2 issues in inspircd'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE request: 2 issues in inspircd
From:       Sébastien Delafond <sdelafond () gmail ! com>
Date:       2015-03-29 12:20:44
Message-ID: 20150329122044.GX1846 () frisco ! mine ! nu
[Download RAW message or body]

Hi,

the Debian Security Team is requesting 2 CVEs for inspircd.

  * the fix that was included in Debian for CVE-2012-1836 is incomplete,
    and does not solve the original remote code execution problem. See:

      https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780880#5

  * a DoS can be triggered by invalid DNS packets. See:

      https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780880#5
      https://github.com/inspircd/inspircd/commit/58c893e834ff20495d007709220881a3ff13f423

Cheers,

--Seb
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic