firstname.lastname@example.org discovered several problems in inspircd, an IRC daemon:
InspIRCd is a modular Internet Relay Chat (IRC) server written in C++ for Linux, BSD, Windows and Mac OS X systems which was created from scratch to be stable, modern and lightweight.
As InspIRCd is one of the few IRC servers written from scratch, it avoids a number of design flaws and performance issues that plague other more established projects, such as UnrealIRCd, while providing the same level of feature parity.
– an incomplete patch for CVE-2012-1836 failed to adequately resolve
the problem where maliciously crafted DNS requests could lead to
remote code execution through a heap-based buffer overflow.
– the incorrect processing of specific DNS packets could trigger an
infinite loop, thus resulting in a denial of service.
For the stable distribution (wheezy), this problem has been fixed in
For the upcoming stable distribution (jessie) and unstable
distribution (sid), this problem has been fixed in version 2.0.16-1.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/