FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

sircd -- remote reverse DNS buffer overflow

Affected packages
sircd <= 0.4.0


VuXML ID 1374b96c-a1c2-11db-9ddc-0011098b2f36
Discovery 2003-02-24
Entry 2007-01-15

Secunia reports:

A vulnerability in sircd can be exploited by a malicious person to compromise a vulnerable system. The vulnerability is caused by a boundary error in the code handling reverse DNS lookups, when a user connects to the service. If the FQDN (Fully Qualified Domain Name) returned is excessively long, the allocated buffer is overflowed making it possible to execute arbitrary code on the system with the privileges of the sircd daemon.


Bugtraq ID 6924