Launchpad.net

CVE 2012-1836

Heap-based buffer overflow in dns.cpp in InspIRCd 2.0.5 might allow remote attackers to execute arbitrary code via a crafted DNS query that uses compression.

Related bugs and status

CVE-2012-1836 (Candidate) is related to these bugs:

Bug #978206: FreezeException request-- Sync with Debian unstable

Summary				In	Importance	Status
	978206	FreezeException request-- Sync with Debian unstable		inspircd (Ubuntu)	Undecided	Won't Fix

Bug #982509: CVE-2012-1836: Buffer overflow

		In	Importance	Status
982509	CVE-2012-1836: Buffer overflow	inspircd (Ubuntu)	Undecided	Fix Released
982509	CVE-2012-1836: Buffer overflow	inspircd (Debian)	Unknown	Fix Released
982509	CVE-2012-1836: Buffer overflow	inspircd (Ubuntu Lucid)	High	Fix Released
982509	CVE-2012-1836: Buffer overflow	inspircd (Ubuntu Natty)	High	Fix Released
982509	CVE-2012-1836: Buffer overflow	inspircd (Ubuntu Oneiric)	High	Fix Released
982509	CVE-2012-1836: Buffer overflow	inspircd (Ubuntu Precise)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://github.com/ins...
CERT-VN: VU#212651
DEBIAN: DSA-2448
BID: 52561
OSVDB: 80263
SECUNIA: 48474
XF: inspircd-dns-bo(74157)