On Tue, Jan 29, 2013 at 05:38:36PM +0200, Henri Salo wrote:
Mr. Bob Nomnomnom from Torland reported a denial of service security
vulnerability in ircd-hybrid. Function hostmask.c:try_parse_v4_netmask() is
using strtoul to parse masks. Documentation says strtoul can parse -number
as
well.
Package: ircd-hybrid
Version: 1:7.2.2.dfsg.2-6.2
Severity: grave
Tags: security
Mr. Bob Nomnomnom from Torland reported a denial of service security
vulnerability in ircd-hybrid. Function hostmask.c:try_parse_v4_netmask() is
using strtoul to parse masks. Documentation says strtoul can parse
Control: retitle -1 ircd-hybrid: CVE-2013-0238 Denial of service vulnerability
in hostmask.c:try_parse_v4_netmask()
Hi
On Tue, Jan 29, 2013 at 05:38:36PM +0200, Henri Salo wrote:
I have requested CVE identifier for this vulnerability.
Was assigned now: CVE-2013-0238
Regards,
Salvatore
--
3 matches
Mail list logo