A vulnerability has been reported in IRC Services, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to the improper handling of overly long passwords within the "default_encrypt()" function in encrypt.c and can be exploited to crash an affected server.
The vulnerability is reported in versions prior to 5.0.63 and 5.1.9.
Update to version 5.0.63 or 5.1.9.
Provided and/or discovered by:
The vendor credits loverboy.
maintainers - please advice
*** Bug 200467 has been marked as a duplicate of this bug. ***
Missed that one.
Ok, bumped to 5.0.63 till i have some more time to bump to 5.1.9
Arches, please test and mark stable net-irc/ircservices-5.0.63.
Target keywords : "ppc x86"
this bug is ready for glsa decision
yes too, request filed.
Does not affect current (2008.0) release. Removing release.