Red Hat Bugzilla – Bug 428935
CVE-2008-0285 ngircd: Remotely triggered crash
Last modified: 2009-10-23 15:05:18 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-0285 to the following vulnerability:
ngIRCd 0.10.x before 0.10.4 and 0.11.0 before 0.11.0-pre2 allows remote attackers to cause a denial of service (crash) via crafted IRC PART message, which triggers an invalid dereference.
Not yet in Fedora. Here is the review request: bug #234926
FYI: This bug should be closed for good, the vulnerable version was never available in fedora AFAIK.
Agree, this can be closed. I haven't closed it before as it wasn't clear to me what's the ngircd's review request. It is closed now, but ngircd only seems to be shipped in EPEL5 and may appear in F10.
Reporter changed to firstname.lastname@example.org by request of Jay Turner.