security: fix remotely triggerable crash in SSL/TLS code - ngircd

diff options

author	Florian Westphal <fw@strlen.de>	2009-05-04 23:51:24 +0200
committer	Alexander Barton <alex@barton.de>	2009-05-05 10:21:20 +0200
commit	627b0b713c52406e50c84bb9459e7794262920a2 (patch)
tree	9e81bc9c8fe284ec19dbfad85822f7eac8a7d568 /src/testsuite/stop-server2
parent	95428a72ffb5214826b61d5e77f860e7ef6a6c9e (diff)
download	ngircd-627b0b713c52406e50c84bb9459e7794262920a2.tar.gz ngircd-627b0b713c52406e50c84bb9459e7794262920a2.zip

security: fix remotely triggerable crash in SSL/TLS code

When a server is running with SSL/TLS support compiled in,
it is trivial to crash the server by sending an MOTD request
via another server in the network.

- ONLY servers without ssl/tls support compiled in are not affected.
  Disabling SSL in the configuration (no ssl listening ports, etc)
  does NOT help.
- servers that are running standalone (i.e., not connected to any
  other servers) are not affected, either.

This affects all ngircd releases since ngircd 13 (earlier versions
have no SSL/TLS support).

Diffstat (limited to 'src/testsuite/stop-server2')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: