Package: ircii-pana Version: 1:1.1-5 Severity: grave Tags: security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
CVE-2007-3360 [0]: "hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and executes shell commands." This vulnerability introduces a security hole allowing access to the accounts of users who use the package. A sample exploit is available [1]; while I did not see the output of 'ps -aux' when I connected to a server running the exploit, I did get a segmentation fault. There does not appear to be a patch available. Please mention the CVE in your changelog. Thanks, Alec [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3360 [1] http://www.milw0rm.com/exploits/4087 - -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.18-4-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGj9P3Aud/2YgchcQRAuYMAKDlG2rI6W9LjjZq0JnsUVqvbkgx3QCdG6eX GvPa52B/XwKnrM6Y3Jz7mRQ= =YRT1 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]