Stack-based buffer overflow in fish.cpp in the Fish plugin for ZNC, as used in ZNC for Windows (znc-msvc) 0.206 and earlier, allows remote attackers to cause a denial of service (crash) via a long string in a DH1080_INIT message.
https://exchange.xforce.ibmcloud.com/vulnerabilities/89671
https://code.google.com/p/znc-msvc/
http://www.securityfocus.com/bid/64254
http://seclists.org/oss-sec/2013/q4/489