GLSA-200805-08 : InspIRCd: Denial of Service
Medium Nessus Plugin ID 32210
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200805-08 (InspIRCd: Denial of Service)
The 'namesx' and 'uhnames' modules do not properly validate network input, leading to a buffer overflow.
A remote attacker can send specially crafted IRC commands to the server, causing a Denial of Service.
Unload the 'uhnames' module in the InspIRCd configuration.
SolutionAll InspIRCd users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-irc/inspircd-1.1.19'