sircd -- remote reverse DNS buffer overflow

2003-02-24T00:00:00
ID 1374B96C-A1C2-11DB-9DDC-0011098B2F36
Type freebsd
Reporter FreeBSD
Modified 2003-02-24T00:00:00

Description

Secunia reports:

A vulnerability in sircd can be exploited by a malicious person to compromise a vulnerable system. The vulnerability is caused by a boundary error in the code handling reverse DNS lookups, when a user connects to the service. If the FQDN (Fully Qualified Domain Name) returned is excessively long, the allocated buffer is overflowed making it possible to execute arbitrary code on the system with the privileges of the sircd daemon.