Home · Compatibility Lists · Support Forums · FAQ · News Archive · Articles · Submit News/Upcoming News
Linux Compatible
advertisement


Latest Linux News

DSA 1573-1: New rdesktop ...
GLSA 200805-10 Pngcrush:...
DSA 1573-1: New php5 pack...
DSA 1572-1: New php5 pack...
GLSA 200805-09 MoinMoin:...
CESA-2008:0237 Important ...
CESA-2008:0211 Important ...
CESA-2008:0262 Important ...
CESA-2008:0224 Moderate C...
CESA-2008:0237 Important ...

Latest Threads

Rig'n'Roll Video Intervie...
Gothic 4: Arcania Artwork...
JonnyGURU.com - Corsair H...
Second Gear releases Toda...
Overclocking The NVIDIA Q...
Noiseblocker FanSpeed Con...
Corsair HX1000W Power Sup...
Clean Text for Mac OS X v...
Pixelmator Team Releases ...
bit-tech News: Nvidia: We...

Latest Web News

Sunbeamtech Quarterback C...
Corsair HX1000 Power Supp...
Noiseblocker FanSpeed Con...
Super Talent Pico: World ...
DFI's LANParty LT X48 T2R...
Trend Micro Pattern File ...
Kaspersky Anti-Virus Upda...
F-Secure Virus Definition...
Bitdefender Virus Definit...
Avira Antivir Virus Defin...

Latest Mac News

CopyPaste Pro 1.0.1
ICeCoffEE 1.5b3
MacCleanse 1.1.9
SuperDocker 2.1.5
MacVim 27
Environmental Group Puts ...
Boinx iStopMotion 2.0.7
NetShade 3.3.2
Online Apple Store is Out...
MiniBatteryStatus 2.6.7

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

Advertisement

Topics

Linux
Reviews
Guides
GNOME
KDE
Red Hat
Debian
Mandriva
Ubuntu
CentOS
Gentoo
SUSE
Slackware
General

News Feeds

Handheld/PDA
XML News Feeds
View Sidebar
Mozilla Sidebar

Appearance

Default
Default Bold
Wide
Wide Bold

Links

HDTV.Esselbach.at
Links Page

GLSA 200805-08 InspIRCd: Denial of Service
Posted by Bob on: 2008-05-09 17:05:01 [ Print | Permalink ]

A new security update has been released for Gentoo Linux - InspIRCd: Denial of Service. Here the announcement:

"Gentoo Linux Security Advisory GLSA 200805-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: InspIRCd: Denial of Service
Date: May 09, 2008
Bugs: #215704
ID: 200805-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A buffer overflow in InspIRCd allows remote attackers to cause a Denial
of Service.

Background
==========

InspIRCd (Inspire IRCd) is a modular C++ IRC daemon.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-irc/inspircd < 1.1.19 >= 1.1.19

Description
===========

The "namesx" and "uhnames" modules do not properly validate network
input, leading to a buffer overflow.

Impact
======

A remote attacker can send specially crafted IRC commands to the
server, causing a Denial of Service.

Workaround
==========

Unload the "uhnames" module in the InspIRCd configuration.

Resolution
==========

All InspIRCd users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-irc/inspircd-1.1.19"

References
==========

[ 1 ] CVE-2008-1925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1925

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200805-08.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
"

Digg it! Slashdot Del.icio.us Technorati Fark it! Binklist Furl Newsvine Windows Live Netscape Google Bookmarks Reddit! LinkaGoGo Tailrank Wink Dzone Simpy Spurl Yahoo! MyWeb NetVouz RawSugar Smarking Scuttle Magnolia BlogMarks Nowpublic FeedMeLinks Wists Onlywire Connotia Shadows Co.mments
News Source: Gentoo

Related Stories RSS

- GLSA 200805-07 Linux Terminal Server Project: Multiple vulnerabilities (05/09/2008 04:50 pm)
- GLSA 200805-06 Firebird: Data disclosure (05/09/2008 04:35 pm)
- GLSA 200805-05 Wireshark: Denial of Service (05/08/2008 12:40 am)
- GLSA 200805-04 eGroupWare: Multiple vulnerabilities (05/08/2008 12:20 am)
- GLSA 200805-03 Multiple X11 terminals: Local privilege escalation (05/07/2008 09:20 pm)
- GLSA 200805-02 phpMyAdmin: Information disclosure (05/05/2008 11:55 pm)
- GLSA 200805-01 Horde Application Framework: Multiple vulnerabilities (05/05/2008 11:35 pm)
- GLSA 200804-30 KDE start_kdeinit: Multiple vulnerabilities (04/29/2008 02:45 pm)
- GLSA 200804-29 Comix: Multiple vulnerabilities (04/25/2008 11:25 pm)
- GLSA 200804-28 JRockit: Multiple vulnerabilities (04/24/2008 07:00 pm)
- GLSA 200804-27 SILC: Multiple vulnerabilities (04/24/2008 06:50 pm)
- GLSA 200804-26 Openfire: Denial of Service (04/23/2008 07:30 pm)
- GLSA 200804-25 VLC: User-assisted execution of arbitrary code (04/23/2008 06:55 pm)
- GLSA 200804-24 DBmail: Data disclosure (04/19/2008 01:55 am)
- GLSA 200804-23 CUPS: Integer overflow vulnerability (04/19/2008 01:45 am)
- GLSA 200804-22 PowerDNS Recursor: DNS Cache Poisoning (04/18/2008 04:55 pm)
- GLSA 200804-21 Adobe Flash Player: Multiple vulnerabilities (04/18/2008 04:35 pm)
- GLSA 200804-20 Sun JDK/JRE: Multiple vulnerabilities (04/18/2008 02:10 am)
- GLSA 200804-19 PHP Toolkit: Data disclosure and Denial of Service (04/18/2008 02:00 am)
- GLSA 200804-18 Poppler: User-assisted execution of arbitrary code (04/17/2008 02:55 pm)

Related Threads RSS

- [gentoo-announce] [ GLSA 200805-08 ] InspIRCd: Denial of Service (05/09/2008 05:07 pm)
- [gentoo-announce] [ GLSA 200805-07 ] Linux Terminal Server Project: Multiple vulnerabilities (05/09/2008 04:49 pm)
- [gentoo-announce] [ GLSA 200805-06 ] Firebird: Data disclosure (05/09/2008 04:42 pm)
- [gentoo-announce] [ GLSA 200805-05 ] Wireshark: Denial of Service (05/08/2008 12:35 am)
- [gentoo-announce] [ GLSA 200805-04 ] eGroupWare: Multiple vulnerabilities (05/08/2008 12:21 am)
- [gentoo-announce] [ GLSA 200805-03 ] Multiple X11 terminals: Local privilege escalation (05/07/2008 09:21 pm)
- [gentoo-announce] [ GLSA 200805-02 ] phpMyAdmin: Information disclosure (05/05/2008 11:56 pm)
- [gentoo-announce] [ GLSA 200805-01 ] Horde Application Framework: Multiple vulnerabilities (05/05/2008 11:42 pm)
- [gentoo-announce] [ GLSA 200804-30 ] KDE start_kdeinit: Multiple vulnerabilities (04/29/2008 02:49 pm)
- [gentoo-announce] [ GLSA 200804-29 ] Comix: Multiple vulnerabilities (04/25/2008 11:28 pm)
- [gentoo-announce] [ GLSA 200804-28 ] JRockit: Multiple vulnerabilities (04/24/2008 07:00 pm)
- [gentoo-announce] [ GLSA 200804-27 ] SILC: Multiple vulnerabilities (04/24/2008 06:56 pm)
- [gentoo-announce] [ GLSA 200804-26 ] Openfire: Denial of Service (04/23/2008 07:35 pm)
- [gentoo-announce] [ GLSA 200804-25 ] VLC: User-assisted execution of arbitrary code (04/23/2008 06:56 pm)
- [gentoo-announce] [ GLSA 200804-24 ] DBmail: Data disclosure (04/19/2008 01:56 am)
- [gentoo-announce] [ GLSA 200804-23 ] CUPS: Integer overflow vulnerability (04/19/2008 01:49 am)
- [gentoo-announce] [ GLSA 200804-22 ] PowerDNS Recursor: DNS Cache Poisoning (04/18/2008 04:56 pm)
- [gentoo-announce] [ GLSA 200804-21 ] Adobe Flash Player: Multiple vulnerabilities (04/18/2008 04:35 pm)
- [gentoo-announce] [ GLSA 200804-20 ] Sun JDK/JRE: Multiple vulnerabilities (04/18/2008 02:07 am)
- [gentoo-announce] [ GLSA 200804-19 ] PHP Toolkit: Data disclosure and Denial of Service (04/18/2008 01:56 am)

Post New Comment
All products mentioned are registered trademarks or trademarks of their respective owners.
© 2002-2008 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Website powered by Esselbach Storyteller CMS System