drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in xchat
Name: |
Denial of Service in xchat
|
|
ID: |
200312-06 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Di, 16. Dezember 2003, 12:00 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
X-Chat |
|
Originalnachricht |
--------------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200312-06 ---------------------------------------------------------------------------
GLSA: 200312-06 Package: net-irc/xchat Summary: Malformed dcc send requests in xchat-2.0.6 lead to a denial of service Severity: medium Gentoo bug: 35623 Date: 2003-12-14 CVE: none Exploit: remote Affected: =2.0.6 Fixed: >=2.0.6-r1
DESCRIPTION:
There is a remotely exploitable bug in xchat 2.0.6 that could lead to a denial of service attack. This is caused by sending a malformed DCC packet to xchat 2.0.6, causing it to crash. Versions prior to 2.0.6 do not appear to be affected by this bug.
For more information, please see:
http://mail.nl.linux.org/xchat-announce/2003-12/msg00000.html
SOLUTION:
For Gentoo users, xchat-2.0.6 was marked ~arch (unstable) for most architectures. Since it was never marked as stable in the portage tree, only xchat users who have explictly added the unstable keyword to ACCEPT_KEYWORDS are affected. Users may updated affected machines to the patched version of xchat using the following commands:
emerge sync emerge -pv '>=net-irc/xchat-2.0.6-r1' emerge '>=net-irc/xchat-2.0.6-r1' emerge clean
|
|
|
|