diff options
Diffstat (limited to 'security/irssi_sa_2017_10.txt')
-rw-r--r-- | security/irssi_sa_2017_10.txt | 94 |
1 files changed, 0 insertions, 94 deletions
diff --git a/security/irssi_sa_2017_10.txt b/security/irssi_sa_2017_10.txt deleted file mode 100644 index ffca83c..0000000 --- a/security/irssi_sa_2017_10.txt +++ /dev/null @@ -1,94 +0,0 @@ -IRSSI-SA-2017-10 Irssi Security Advisory [1] -============================================ -CVE-2017-15228, CVE-2017-15227, CVE-2017-15721, CVE-2017-15723, -CVE-2017-15722 - -Description ------------ - -Multiple vulnerabilities have been located in Irssi. - -(a) When installing themes with unterminated colour formatting - sequences, Irssi may access data beyond the end of the - string. (CWE-126) Found by Hanno Böck. - - CVE-2017-15228 was assigned to this issue. - -(b) While waiting for the channel synchronisation, Irssi may - incorrectly fail to remove destroyed channels from the query list, - resulting in use after free conditions when updating the state - later on. Found by Joseph Bisch. (CWE-416 caused by CWE-672) - - CVE-2017-15227 was assigned to this issue. - -(c) Certain incorrectly formatted DCC CTCP messages could cause NULL - pointer dereference. Found by Joseph Bisch. This is a separate, - but similar issue to CVE-2017-9468. (CWE-690) - - CVE-2017-15721 was assigned to this issue. - -(d) Overlong nicks or targets may result in a NULL pointer dereference - while splitting the message. Found by Joseph Bisch. (CWE-690) - - CVE-2017-15723 was assigned to this issue. - -(e) In certain cases Irssi may fail to verify that a Safe channel ID - is long enough, causing reads beyond the end of the string. Found - by Joseph Bisch. (CWE-126) - - CVE-2017-15722 was assigned to this issue. - - -Impact ------- - -(a,b,c,d) May result in denial of service (remote crash). - -(e) May affect the stability of Irssi. - - -Affected versions ------------------ - -(a,b,c,e) All Irssi versions that we observed. - -(d) Starting from 0.8.17. - - -Fixed in --------- - -Irssi 1.0.5 - - -Recommended action ------------------- - -Upgrade to Irssi 1.0.5. Irssi 1.0.5 is a maintenance release in the -1.0 series, without any new features. - -After installing the updated packages, one can issue the /upgrade -command to load the new binary. TLS connections will require -/reconnect. - - -Mitigating facts ----------------- - -(a) requires user to install malicious or broken theme file - -(b,c,e) requires a broken ircd or control over the ircd - -(d) irc servers typically have length limits in place - - -Patch ------ - -https://github.com/irssi/irssi/commit/43e44d553d44e313003cee87e6ea5e24d68b84a1 - - -References ----------- - -[1] https://irssi.org/security/irssi_sa_2017_10.txt |