Your message dated Sun, 03 Feb 2013 01:02:34 +0000
with message-id <e1u1nyc-0002wo...@franck.debian.org>
and subject line Bug#699267: fixed in ircd-hybrid 1:7.2.2.dfsg.2-10
has caused the Debian Bug report #699267,
regarding ircd-hybrid: CVE-2013-0238 Denial of service vulnerability in 
hostmask.c:try_parse_v4_netmask()
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
699267: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699267
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: ircd-hybrid
Version: 1:7.2.2.dfsg.2-6.2
Severity: grave
Tags: security

Mr. Bob Nomnomnom from Torland reported a denial of service security
vulnerability in ircd-hybrid. Function hostmask.c:try_parse_v4_netmask() is
using strtoul to parse masks. Documentation says strtoul can parse "-number" as
well. Validation of input does not catch evil bits. I can give a proof of
concept if needed.

Fixed in commit: 
http://svn.ircd-hybrid.org:8000/viewcvs.cgi/ircd-hybrid/trunk/src/hostmask.c?r1=1786&r2=1785&pathrev=1786
Fixed in: ircd-hybrid 8.0.6

I have requested a CVE identifier for this vulnerability.

Program received signal SIGSEGV, Segmentation fault.
0x000000000041c799 in try_parse_v4_netmask (text=<value optimized out>, addr=0x113e270, b=0x113e2f8) at hostmask.c:229
229     addb[bits / 8] &= ~((1 << (8 - bits % 8)) - 1);
(gdb) bt
#0  0x000000000041c799 in try_parse_v4_netmask (text=<value optimized out>, addr=0x113e270, b=0x113e2f8) at hostmask.c:229
#1  parse_netmask (text=<value optimized out>, addr=0x113e270, b=0x113e2f8) at hostmask.c:255
#2  0x000000000040c4ab in add_id (client_p=0x7ffff7f9a058, chptr=0x11264e8, banid=<value optimized out>, type=<value optimized out>) at channel_mode.c:233
#3  0x000000000040cd28 in chm_ban (client_p=0x7ffff7f9a058, source_p=0x7ffff7f9a058, chptr=0x11264e8, parc=<value optimized out>, parn=0x7ffff7565580, parv=0x2f, errors=0x7fffffffdd08, alev=2, dir=1, c=98 'b', d=0x0, chname=0x1126774 "#foo") at channel_mode.c:803
#4  0x000000000040baac in set_channel_mode (client_p=<value optimized out>, source_p=<value optimized out>, chptr=<value optimized out>, member=<value optimized out>, parc=2, parv=0x8ed410, chname=0x1126774 "#foo") at channel_mode.c:1785
#5  0x00007fffee7655a4 in m_mode (client_p=0x7ffff7f9a058, source_p=0x7ffff7f9a058, parc=4, parv=0x8ed400) at m_mode.c:115
#6  0x0000000000422d9f in parse_client_queued (client_p=0x7ffff7f9a058) at packet.c:216
#7  0x0000000000422ee5 in read_packet (fd=0x10faa18, data=<value optimized out>) at packet.c:359
#8  0x0000000000423ead in comm_select () at s_bsd_epoll.c:204
#9  0x000000000041f7f8 in io_loop (argc=0, argv=0x7fffffffe588) at ircd.c:237
#10 main (argc=0, argv=0x7fffffffe588) at ircd.c:670

--
Henri Salo

--- End Message ---
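
The report above turns on strtoul() accepting "-number" and on the result then being used in an index like addb[bits / 8]. The following is an added example, not part of the original thread and not ircd-hybrid code. The names weak_accepts, parse_v4_prefix and apply_prefix are hypothetical, and the "weak" check is an assumed pattern shown only for contrast with the hardened parser.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical weak check (NOT the ircd-hybrid source): strtoul() turns "-1"
 * into ULONG_MAX, the narrowing to int gives -1 on common platforms, and only
 * the upper bound is tested. Returns 1 if the text is accepted. */
int weak_accepts(const char *s)
{
    int bits = (int)strtoul(s, NULL, 10);
    return bits <= 32;                 /* no lower bound, no digit check */
}

/* Hardened parser: first character must be a digit, the whole string must be
 * consumed, and the value must be 0..32. Returns the length, or -1. */
int parse_v4_prefix(const char *s)
{
    char *end;
    unsigned long v;
    if (s == NULL || !isdigit((unsigned char)s[0]))
        return -1;                     /* rejects "", "-1", "+8", " 8" */
    errno = 0;
    v = strtoul(s, &end, 10);
    if (errno != 0 || *end != '\0' || v > 32)
        return -1;                     /* overflow, trailing junk, too big */
    return (int)v;
}

/* Clears host bits; refuses lengths that would index outside addr[4]. */
int apply_prefix(unsigned char addr[4], int bits)
{
    int i;
    if (bits < 0 || bits > 32)
        return -1;
    if (bits % 8)
        addr[bits / 8] &= (unsigned char)~((1 << (8 - bits % 8)) - 1);
    for (i = (bits + 7) / 8; i < 4; i++)
        addr[i] = 0;
    return 0;
}

int main(void)
{
    const char *s[] = { "24", "33", "-1", "8x" };   /* constructed samples */
    for (int i = 0; i < 4; i++)
        printf("%-3s weak=%d hardened=%d\n", s[i], weak_accepts(s[i]), parse_v4_prefix(s[i]));
    return 0;
}
```

The range check inside apply_prefix is deliberate defence in depth: the masking code stays safe even if a caller skips the parser.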
--- Begin Message ---
Source: ircd-hybrid
Source-Version: 1:7.2.2.dfsg.2-10

We believe that the bug you reported is fixed in the latest version of
ircd-hybrid, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 699...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dominic Hargreaves <d...@earth.li> (supplier of updated ircd-hybrid package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 03 Feb 2013 00:54:15 +0000
Source: ircd-hybrid
Binary: ircd-hybrid hybrid-dev
Architecture: source all i386
Version: 1:7.2.2.dfsg.2-10
Distribution: unstable
Urgency: high
Maintainer: Dominic Hargreaves <d...@earth.li>
Changed-By: Dominic Hargreaves <d...@earth.li>
Description: 
 hybrid-dev - development files for ircd-hybrid
 ircd-hybrid - high-performance secure IRC server
Closes: 699267
Changes: 
 ircd-hybrid (1:7.2.2.dfsg.2-10) unstable; urgency=high
 .
   * [CVE-2013-0238] fix DoS in hostmask.c:try_parse_v4_netmask()
     (Closes: #699267)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFRDbaSYzuFKFF44qURAh66AJ0feaskdlyl2pvO9IBXwT9l29zA1gCff/Ei
mmJYhyjm6y86cBtjUzkFSI4=
=o3fN
-----END PGP SIGNATURE-----

--- End Message ---
