inspircd -- buffer overflow

2012-03-19T00:00:00
ID F5F00804-A03B-11E1-A284-0023AE8E59F0
Type freebsd
Reporter FreeBSD
Modified 2012-06-21T00:00:00

Description

InspIRCd reports:

InspIRCd contains a heap corruption vulnerability that exists in the dns.cpp code. The res[] buffer is allocated on the heap and can be overflowed. The res[] buffer can be exploited during its deallocation. The number of overflowed bytes can be controlled with DNS compression features.