|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200501-40] ngIRCd: Buffer overflow Vulnerability Scan
Vulnerability Scan Summary ngIRCd: Buffer overflow
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200501-40
(ngIRCd: Buffer overflow)
Florian Westphal discovered a buffer overflow caused by an integer
underflow in the Lists_MakeMask() function of lists.c.
Impact
A remote attacker can exploit this buffer overflow to crash the
ngIRCd daemon and possibly execute arbitrary code with the rights of
the ngIRCd daemon process.
Workaround
There is no known workaround at this time.
References:
http://arthur.ath.cx/pipermail/ngircd-ml/2005-January/000228.html
Solution:
All ngIRCd users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-irc/ngIRCd-0.8.2"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|