{"result": {"cve": [{"id": "CVE-2009-3051", "type": "cve", "title": "CVE-2009-3051", "description": "Multiple format string vulnerabilities in lib/silcclient/client_entry.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format string specifiers in a nickname field, related to the (1) silc_client_add_client, (2) silc_client_update_client, and (3) silc_client_nickname_format functions.", "published": "2009-09-10T14:30:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3051", "cvelist": ["CVE-2009-3051"], "lastseen": "2016-09-03T12:47:15"}], "freebsd": [{"id": "4E306850-811F-11DE-8A67-000C29A67389", "type": "freebsd", "title": "silc-client -- Format string vulnerability", "description": "\nSILC changelog reports:\n\nAn unspecified format string vulnerability exists in\n\t silc-client.\n\n", "published": "2009-07-31T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/4e306850-811f-11de-8a67-000c29a67389.html", "cvelist": ["CVE-2009-3051"], "lastseen": "2016-09-26T17:24:51"}], "nessus": [{"id": "FREEBSD_PKG_24AA99709CCD11DEAF10000C29A67389.NASL", "type": "nessus", "title": "FreeBSD : silc-toolkit -- Format string vulnerabilities (24aa9970-9ccd-11de-af10-000c29a67389)", "description": "SILC Changlog reports :\n\nAn unspecified format string vulnerability exists in silc-toolkit.", "published": "2009-09-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=40899", "cvelist": ["CVE-2009-3051"], "lastseen": "2017-10-29T13:38:25"}, {"id": "FREEBSD_PKG_4E306850811F11DE8A67000C29A67389.NASL", "type": "nessus", "title": "FreeBSD : silc-client -- Format string vulnerability (4e306850-811f-11de-8a67-000c29a67389)", "description": "SILC changelog reports :\n\nAn unspecified format string vulnerability exists in silc-client.", "published": "2009-08-05T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=40486", "cvelist": ["CVE-2009-3051"], "lastseen": "2017-10-29T13:38:26"}, {"id": "MANDRIVA_MDVSA-2009-235.NASL", "type": "nessus", "title": "Mandriva Linux Security Advisory : silc-toolkit (MDVSA-2009:235)", "description": "Multiple vulnerabilities was discovered and corrected in silc-toolkit :\n\nMultiple format string vulnerabilities in lib/silcclient/client_entry.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format string specifiers in a nickname field, related to the (1) silc_client_add_client, (2) silc_client_update_client, and (3) silc_client_nickname_format functions (CVE-2009-3051).\n\nMultiple format string vulnerabilities in lib/silcclient/command.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client 1.1.8 and earlier, allow remote attackers to execute arbitrary code via format string specifiers in a channel name, related to (1) silc_client_command_topic, (2) silc_client_command_kick, (3) silc_client_command_leave, and (4) silc_client_command_users (CVE-2009-3163).\n\nThis update provides a solution to these vulnerabilities.", "published": "2010-07-30T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=48152", "cvelist": ["CVE-2009-3051", "CVE-2009-3163"], "lastseen": "2017-10-29T13:34:43"}, {"id": "SUSE_11_0_SILC-TOOLKIT-090908.NASL", "type": "nessus", "title": "openSUSE Security Update : silc-toolkit (silc-toolkit-1280)", "description": "This update of slic-toolkit fixes stack-based overflow while encoding a ASN.1 OID (CVE-2008-7159) and several format string bugs (CVE-2009-3051, CVE-2008-7160). The probability to exploit this issues to execute arbitrary code is high.", "published": "2009-09-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=41003", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051"], "lastseen": "2017-10-29T13:42:26"}, {"id": "SUSE_SILC-TOOLKIT-6479.NASL", "type": "nessus", "title": "openSUSE 10 Security Update : silc-toolkit (silc-toolkit-6479)", "description": "This update of slic-toolkit fixes stack-based overflow while encoding a ASN.1 OID (CVE-2008-7159) and several format string bugs (CVE-2009-3051, CVE-2008-7160). The probability to exploit this issues to execute arbitrary code is high.", "published": "2009-10-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=42033", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051"], "lastseen": "2017-10-29T13:33:43"}, {"id": "SUSE_11_SILC-TOOLKIT-090908.NASL", "type": "nessus", "title": "SuSE 11 Security Update : silc-toolkit (SAT Patch Number 1282)", "description": "This update of slic-toolkit fixes stack-based overflow while encoding a ASN.1 OID (CVE-2008-7159) and several format string bugs (CVE-2009-3051 / CVE-2008-7160). The probability to exploit this issues to execute arbitrary code is high.", "published": "2009-09-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=41453", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051"], "lastseen": "2017-10-29T13:37:19"}, {"id": "SUSE_11_1_SILC-TOOLKIT-090908.NASL", "type": "nessus", "title": "openSUSE Security Update : silc-toolkit (silc-toolkit-1280)", "description": "This update of slic-toolkit fixes stack-based overflow while encoding a ASN.1 OID (CVE-2008-7159) and several format string bugs (CVE-2009-3051, CVE-2008-7160). The probability to exploit this issues to execute arbitrary code is high.", "published": "2009-09-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=41005", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051"], "lastseen": "2017-10-29T13:44:37"}, {"id": "MANDRIVA_MDVSA-2009-234.NASL", "type": "nessus", "title": "Mandriva Linux Security Advisory : silc-toolkit (MDVSA-2009:234-2)", "description": "Multiple vulnerabilities was discovered and corrected in silc-toolkit :\n\nMultiple format string vulnerabilities in lib/silcclient/client_entry.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format string specifiers in a nickname field, related to the (1) silc_client_add_client, (2) silc_client_update_client, and (3) silc_client_nickname_format functions (CVE-2009-3051).\n\nThe silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted OID value, related to incorrect use of a %lu format string (CVE-2008-7159).\n\nThe silc_http_server_parse function in lib/silchttp/silchttpserver.c in the internal HTTP server in silcd in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.9 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted Content-Length header, related to incorrect use of a %lu format string (CVE-2008-7160).\n\nMultiple format string vulnerabilities in lib/silcclient/command.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client 1.1.8 and earlier, allow remote attackers to execute arbitrary code via format string specifiers in a channel name, related to (1) silc_client_command_topic, (2) silc_client_command_kick, (3) silc_client_command_leave, and (4) silc_client_command_users (CVE-2009-3163).\n\nThis update provides a solution to these vulnerabilities.\n\nUpdate :\n\nPackages for MES5 was not provided previousely, this update addresses this problem.\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers", "published": "2009-09-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=40997", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051", "CVE-2009-3163"], "lastseen": "2017-10-29T13:35:25"}, {"id": "DEBIAN_DSA-1879.NASL", "type": "nessus", "title": "Debian DSA-1879-1 : silc-client/silc-toolkit - several vulnerabilities", "description": "Several vulnerabilities have been discovered in the software suite for the SILC protocol, a network protocol designed to provide end-to-end security for conferencing services. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-7159 An incorrect format string in sscanf() used in the ASN1 encoder to scan an OID value could overwrite a neighbouring variable on the stack as the destination data type is smaller than the source type on 64-bit. On 64-bit architectures this could result in unexpected application behaviour or even code execution in some cases.\n\n - CVE-2009-3051 Various format string vulnerabilities when handling parsed SILC messages allow an attacker to execute arbitrary code with the rights of the victim running the SILC client via crafted nick names or channel names containing format strings.\n\n - CVE-2008-7160 An incorrect format string in a sscanf() call used in the HTTP server component of silcd could result in overwriting a neighbouring variable on the stack as the destination data type is smaller than the source type on 64-bit. An attacker could exploit this by using crafted Content-Length header values resulting in unexpected application behaviour or even code execution in some cases.\n\nsilc-server doesn't need an update as it uses the shared library provided by silc-toolkit. silc-client/silc-toolkit in the oldstable distribution (etch) is not affected by this problem.", "published": "2010-02-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=44744", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051", "CVE-2009-3163"], "lastseen": "2017-10-29T13:33:27"}, {"id": "GENTOO_GLSA-201006-07.NASL", "type": "nessus", "title": "GLSA-201006-07 : SILC: Multiple vulnerabilities", "description": "The remote host is affected by the vulnerability described in GLSA-201006-07 (SILC: Multiple vulnerabilities)\n\n Multiple vulnerabilities were discovered in SILC Toolkit and SILC Client. For further information please consult the CVE entries referenced below.\n Impact :\n\n A remote attacker could overwrite stack locations and possibly execute arbitrary code via a crafted OID value, Content-Length header or format string specifiers in a nickname field or channel name.\n Workaround :\n\n There is no known workaround at this time.", "published": "2010-06-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=46774", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051", "CVE-2009-3163"], "lastseen": "2017-10-29T13:45:43"}], "openvas": [{"id": "OPENVAS:64578", "type": "openvas", "title": "FreeBSD Ports: silc-client, silc-irssi-client", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2009-08-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64578", "cvelist": ["CVE-2009-3051"], "lastseen": "2017-07-02T21:14:15"}, {"id": "OPENVAS:136141256231064899", "type": "openvas", "title": "FreeBSD Ports: silc-toolkit", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2009-09-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064899", "cvelist": ["CVE-2009-3051"], "lastseen": "2018-04-06T11:37:22"}, {"id": "OPENVAS:64899", "type": "openvas", "title": "FreeBSD Ports: silc-toolkit", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2009-09-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64899", "cvelist": ["CVE-2009-3051"], "lastseen": "2017-07-02T21:13:48"}, {"id": "OPENVAS:900951", "type": "openvas", "title": "SILC Client Nickname Field Format String Vulnerability", "description": "This host has SILC Client/Toolkit installed, and is prone\n to Format String vulnerability.", "published": "2009-09-29T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=900951", "cvelist": ["CVE-2009-3051"], "lastseen": "2017-07-02T21:14:09"}, {"id": "OPENVAS:136141256231064578", "type": "openvas", "title": "FreeBSD Ports: silc-client, silc-irssi-client", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2009-08-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064578", "cvelist": ["CVE-2009-3051"], "lastseen": "2018-04-06T11:40:09"}, {"id": "OPENVAS:1361412562310900951", "type": "openvas", "title": "SILC Client Nickname Field Format String Vulnerability", "description": "This host has SILC Client/Toolkit installed, and is prone\n to Format String vulnerability.", "published": "2009-09-29T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900951", "cvelist": ["CVE-2009-3051"], "lastseen": "2018-04-06T11:39:32"}, {"id": "OPENVAS:136141256231064908", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:235 (silc-toolkit)", "description": "The remote host is missing an update to silc-toolkit\nannounced via advisory MDVSA-2009:235.", "published": "2009-09-21T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064908", "cvelist": ["CVE-2009-3051", "CVE-2009-3163"], "lastseen": "2018-04-06T11:40:01"}, {"id": "OPENVAS:64908", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:235 (silc-toolkit)", "description": "The remote host is missing an update to silc-toolkit\nannounced via advisory MDVSA-2009:235.", "published": "2009-09-21T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64908", "cvelist": ["CVE-2009-3051", "CVE-2009-3163"], "lastseen": "2017-07-24T12:57:01"}, {"id": "OPENVAS:64822", "type": "openvas", "title": "Debian Security Advisory DSA 1879-1 (silc-client/silc-toolkit)", "description": "The remote host is missing an update to silc-client/silc-toolkit\nannounced via advisory DSA 1879-1.", "published": "2009-09-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64822", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051"], "lastseen": "2017-07-24T12:56:18"}, {"id": "OPENVAS:136141256231064822", "type": "openvas", "title": "Debian Security Advisory DSA 1879-1 (silc-client/silc-toolkit)", "description": "The remote host is missing an update to silc-client/silc-toolkit\nannounced via advisory DSA 1879-1.", "published": "2009-09-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064822", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051"], "lastseen": "2018-04-06T11:37:56"}], "debian": [{"id": "DSA-1879", "type": "debian", "title": "silc-client/silc-toolkit -- several vulnerabilities", "description": "Several vulnerabilities have been discovered in the software suite for the SILC protocol, a network protocol designed to provide end-to-end security for conferencing services. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2008-7159](<https://security-tracker.debian.org/tracker/CVE-2008-7159>)\n\nAn incorrect format string in sscanf() used in the ASN1 encoder to scan an OID value could overwrite a neighbouring variable on the stack as the destination data type is smaller than the source type on 64-bit. On 64-bit architectures this could result in unexpected application behaviour or even code execution in some cases.\n\n * [CVE-2009-3051](<https://security-tracker.debian.org/tracker/CVE-2009-3051>)\n\nVarious format string vulnerabilities when handling parsed SILC messages allow an attacker to execute arbitrary code with the rights of the victim running the SILC client via crafted nick names or channel names containing format strings.\n\n * [CVE-2008-7160](<https://security-tracker.debian.org/tracker/CVE-2008-7160>)\n\nAn incorrect format string in a sscanf() call used in the HTTP server component of silcd could result in overwriting a neighbouring variable on the stack as the destination data type is smaller than the source type on 64-bit. An attacker could exploit this by using crafted Content-Length header values resulting in unexpected application behaviour or even code execution in some cases.\n\nsilc-server doesn't need an update as it uses the shared library provided by silc-toolkit. silc-client/silc-toolkit in the oldstable distribution (etch) is not affected by this problem.\n\nFor the stable distribution (lenny), this problem has been fixed in version 1.1.7-2+lenny1 of silc-toolkit and in version 1.1.4-1+lenny1 of silc-client.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in version 1.1.10-1 of silc-toolkit and version 1.1-2 of silc-client (using libsilc from silc-toolkit since this upload).\n\nWe recommend that you upgrade your silc-toolkit/silc-client packages.", "published": "2009-09-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-1879", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051"], "lastseen": "2016-09-02T18:37:35"}], "gentoo": [{"id": "GLSA-201006-07", "type": "gentoo", "title": "SILC: Multiple vulnerabilities", "description": "### Background\n\nSILC (Secure Internet Live Conferencing protocol) Toolkit is a software development kit for use in clients, and SILC Client is an IRSSI-based text client. \n\n### Description\n\nMultiple vulnerabilities were discovered in SILC Toolkit and SILC Client. For further information please consult the CVE entries referenced below. \n\n### Impact\n\nA remote attacker could overwrite stack locations and possibly execute arbitrary code via a crafted OID value, Content-Length header or format string specifiers in a nickname field or channel name. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll SILC Toolkit users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-im/silc-toolkit-1.1.10\"\n\nAll SILC Client users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-im/silc-client-1.1.8\"", "published": "2010-06-01T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/201006-07", "cvelist": ["CVE-2008-7160", "CVE-2008-7159", "CVE-2009-3051", "CVE-2009-3163"], "lastseen": "2016-09-06T19:46:31"}]}}