VU#212651: InspIRCd heap corruption vulnerability
Vulnerability Note VU#212651
InspIRCd heap corruption vulnerability
OverviewInspIRCd 2.0.5 and possibly other versions contain a heap corruption vulnerability that may be exploited with a specifically crafted DNS query.
I. DescriptionInspIRCd contains a heap corruption vulnerability that exists in the dns.cpp code. The res buffer is allocated on the heap and can be overflowed. The res buffer can be exploited during its deallocation. The number of overflowed bytes can be controlled with DNS compression features.
II. ImpactA remote unauthenticated attacker may be able to execute arbitrary code with the permissions of the user running the InspIRCd service.
III. SolutionApply an Update
InspIRCd 2.0 has addressed this vulnerability.
The issue may be mitigated in some scenarios by changing your configuration file so
|Vendor||Status||Date Notified||Date Updated|
|Mandriva S. A.||Unknown||2012-02-07||2012-02-07|
|Red Hat, Inc.||Unknown||2012-02-07||2012-02-07|
|Slackware Linux Inc.||Unknown||2012-02-07||2012-02-07|
|SUSE Linux||Not Affected||2012-02-07||2012-02-13|
Thanks to Tomasz Salacinski of CERT Polska for reporting this vulnerability.
This document was written by Jared Allar.
|Date First Published:||2012-03-19|
|Date Last Updated:||2012-03-21|
|US-CERT Technical Alerts:|
The original article/video can be found at VU#212651: InspIRCd heap corruption vulnerability