A vulnerability has been reported in VooDoo cIRCle, which can be exploited by malicious users to cause a DoS (Denial of Service).
The vulnerability is caused due to a boundary error in the handling of packets from BOTNET connections. This can be exploited to cause a buffer overflow by sending a specially crafted packet from a connected malicious bot.
Successful exploitation crashes a vulnerable bot, but requires access to establish a BOTNET connection (e.g. knowledge of password or client SSL certificate).
The vulnerability has been reported in version 1.0.20 through 1.0.32.
SOFTWARE:
VooDoo cIRCle 1.x
SOLUTION:
Update to version 1.0.33.
http://sourceforge.net/project/showfiles.php?group_id=116847
VERIFY ADVISORY:
http://secunia.com/advisories/15110/
Secunia Security Advisories
http://community.securityteam.us/article.php/20050504222254347