CVE-2005-0199

Name of the Vulnerable Software and Affected Versions ngIRCd versions prior to 0.8.2

Description The issue is caused by an integer underflow in the Lists MakeMask() function, which can lead to a denial of service (application crash) and potentially allow the execution of arbitrary code. This occurs when a remote attacker sends a long MODE line, causing an incorrect length calculation and resulting in a buffer overflow.

Recommendations For versions prior to 0.8.2, update to version 0.8.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the Lists MakeMask() function until a patch is available.