It was reported  that ircd-hybrid suffers from a denial of service condition due to improper validation of input when parsing masks. Because try_parse_v4_netmask() (in src/hostmask.c) uses strtoul to parse masks, and does not properly validate input, it can segfault on certain input. This could allow a remote attacker to crash the ircd server.
This has been fixed upstream in version 8.0.6 .
Created ircd-hybrid tracking bugs for this issue
Affects: epel-all [bug 905653]
According to http://dl.fedoraproject.org/pub/epel/6/SRPMS/Packages/i/ this package is not shipped in EPEL6. Given it was filed against EPEL5 at that time, closing this.