ngIRCd 0.10.x before 0.10.4 and 0.11.0 before 0.11.0-pre2 allows remote attackers to cause a denial of service (crash) via crafted IRC PART message, which triggers an invalid dereference.
http://www.securityfocus.com/bid/27318
http://security.gentoo.org/glsa/glsa-200801-13.xml
http://secunia.com/advisories/28673
http://secunia.com/advisories/28425