sircd -- remote reverse DNS buffer overflow

ID 1374B96C-A1C2-11DB-9DDC-0011098B2F36
Type freebsd
Reporter FreeBSD
Modified 2003-02-24T00:00:00


Secunia reports:

A vulnerability in sircd can be exploited by a malicious person to compromise a vulnerable system. The vulnerability is caused by a boundary error in the code handling reverse DNS lookups, when a user connects to the service. If the FQDN (Fully Qualified Domain Name) returned is excessively long, the allocated buffer is overflowed making it possible to execute arbitrary code on the system with the privileges of the sircd daemon.