[manjaro-security] [ASA-201801-12] irssi: denial of service
Levente Polyak
anthraxx at archlinux.org
Thu Jan 18 23:34:00 CET 2018
Arch Linux Security Advisory ASA-201801-12
==========================================
Severity: Medium
Date : 2018-01-16
CVE-ID : CVE-2018-5205 CVE-2018-5206 CVE-2018-5207 CVE-2018-5208
Package : irssi
Type : denial of service
Remote : Yes
Link : https://security.archlinux.org/AVG-575
Summary
=======
The package irssi before version 1.0.6-1 is vulnerable to denial of
service.
Resolution
==========
Upgrade to 1.0.6-1.
# pacman -Syu "irssi>=1.0.6-1"
The problems have been fixed upstream in version 1.0.6.
Workaround
==========
None.
Description
===========
- CVE-2018-5205 (denial of service)
When using incomplete escape codes, irssi before 1.0.6 may access data
beyond the end of the string.
- CVE-2018-5206 (denial of service)
When the channel topic is set without specifying a sender, irssi before
1.0.6 may dereference a NULL pointer.
- CVE-2018-5207 (denial of service)
When using an incomplete variable argument, irssi before 1.0.6 may
access data beyond the end of the string.
- CVE-2018-5208 (denial of service)
In Irssi before 1.0.6 a calculation error in the completion code could
cause a heap buffer overflow when completing certain strings.
Impact
======
A remote attacker is able to crash the application via a malicious
server or by tricking a user to use malicious commands.
References
==========
http://www.openwall.com/lists/oss-security/2018/01/06/2
https://irssi.org/security/irssi_sa_2018_01.txt
https://github.com/irssi/irssi/commit/7a83c63701b7395ee6cc606905314318eef77971
https://github.com/irssi/irssi/commit/54d453623d879ea83d0818a80bd14151192953ec
https://github.com/irssi/irssi/commit/cc17837a9b326ec9100a35981348fa0f5d6316fa
https://github.com/irssi/irssi/commit/2361d4b1e5d38701f35146219ceddd318ac4e645
https://security.archlinux.org/CVE-2018-5205
https://security.archlinux.org/CVE-2018-5206
https://security.archlinux.org/CVE-2018-5207
https://security.archlinux.org/CVE-2018-5208
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 866 bytes
Desc: OpenPGP digital signature
URL: <http://lists.manjaro.org/pipermail/manjaro-security/attachments/20180118/9dfc8f6c/attachment.sig>
More information about the manjaro-security
mailing list