GLSA-200801-13 : ngIRCd: Denial of Service
Medium Nessus Plugin ID 30118
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200801-13 (ngIRCd: Denial of Service)
The IRC_PART() function in the file irc-channel.c does not properly check the number of parameters, referencing an invalid pointer if no channel is supplied.
A remote attacker can exploit this vulnerability to crash the ngIRCd daemon.
There is no known workaround at this time.
SolutionAll ngIRCd users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-irc/ngircd-0.10.4'