7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.163 Low
EPSS
Percentile
96.0%
SILC (Secure Internet Live Conferencing protocol) Toolkit is a software development kit for use in clients, SILC Server is a communication server, and SILC Client is an IRSSI-based text client.
A remote attacker could exploit these vulnerabilities to cause a Denial of Service or execute arbitrary code with the privileges of the user running the application.
There is no known workaround at this time.
All SILC Toolkit users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-im/silc-toolkit-1.1.7"
All SILC Client users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-im/silc-client-1.1.4"
All SILC Server users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-im/silc-server-1.1.2"
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | net-im/silc-toolkit | < 1.1.7 | UNKNOWN |
Gentoo | any | all | net-im/silc-client | < 1.1.4 | UNKNOWN |
Gentoo | any | all | net-im/silc-server | < 1.1.2 | UNKNOWN |