Published: 22/03/2012 Updated: 14/09/2020

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Heap-based buffer overflow in dns.cpp in InspIRCd 2.0.5 might allow remote malicious users to execute arbitrary code via a crafted DNS query that uses compression.

Vulnerable Product	Search on Vulmon	Subscribe to Product
inspircd inspircd 2.0.5

Debian Bug report logs - #780880 inspircd: CVE-2012-1836 patch incorrect Package: inspircd; Maintainer for inspircd is inspircd packagers <inspircd@packagesdebianorg>; Source for inspircd is src:inspircd (PTS, buildd, popcon) Reported by: Adam <adam@anopeorg> Date: Fri, 20 Mar 2015 22:09:02 UTC Severity: grave Ta ...

Debian Bug report logs - #667914 CVE-2012-1836: Buffer overflow Package: inspircd; Maintainer for inspircd is inspircd packagers <inspircd@packagesdebianorg>; Source for inspircd is src:inspircd (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Sat, 7 Apr 2012 12:54:02 UTC Severity: gra ...

Adam discovered several problems in inspircd, an IRC daemon: An incomplete patch for CVE-2012-1836 failed to adequately resolve the problem where maliciously crafted DNS requests could lead to remote code execution through a heap-based buffer overflow The incorrect processing of specific DNS packets could trigger an infinite loop, thus resu ...

CWE-119 http://www.kb.cert.org/vuls/id/212651 https://github.com/inspircd/inspircd/commit/fe7dbd2c104c37f6f3af7d9f1646a3c332aea4a4 http://www.debian.org/security/2012/dsa-2448 https://exchange.xforce.ibmcloud.com/vulnerabilities/74157 http://www.securityfocus.com/bid/52561 http://secunia.com/advisories/48474 http://osvdb.org/80263 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780880 https://www.debian.org/security/./dsa-3226

CVE-2012-1836

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect