InspIRCd Heap Memory Corruption Vulnerability

Bugtraq ID:	52561
Class:	Boundary Condition Error
CVE:	CVE-2012-1836
Remote:	Yes
Local:	No
Published:	Mar 19 2012 12:00AM
Updated:	Apr 10 2012 12:10PM
Credit:	Tomasz Salacinski
Vulnerable:	InspIRCd InspIRCd 2.0.5 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64
Not Vulnerable:

InspIRCd Heap Memory Corruption Vulnerability

InspIRCd is prone to a heap-based memory-corruption vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions.

InspIRCd 2.0.5 is vulnerable; other versions may also be affected.

InspIRCd Heap Memory Corruption Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

InspIRCd Heap Memory Corruption Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].

InspIRCd Heap Memory Corruption Vulnerability

References:

• InspIRCd heap corruption vulnerability (US-CERT)
  
• Vendor Homepage (InspIRCd)