Leon Juranic discovered that BNC, an IRC session bouncing proxy, does
not always protect buffers from being overwritten. This could
exploited by a malicious IRC server to overflow a buffer of limited
size and execute arbitrary code on the client host.
For the stable distribution (woody) this problem has been fixed in
version 2.6.4-3.3.
This package does not exist in the testing or unstable distributions.
We recommend that you upgrade your bnc package.