Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
Software | From | Fixed in |
---|---|---|
debian / debian_linux | 3.0 | 3.0.x |
gentoo / linux | - | - |
bnc / bnc | 2.2.4 | 2.2.4.x |
bnc / bnc | 2.4.6 | 2.4.6.x |
bnc / bnc | 2.4.8 | 2.4.8.x |
bnc / bnc | 2.6 | 2.6.x |
bnc / bnc | 2.6.2 | 2.6.2.x |
bnc / bnc | 2.6.4 | 2.6.4.x |
bnc / bnc | 2.8.8 | 2.8.8.x |
bnc / bnc | 2.8.9 | 2.8.9.x |