The remote host is affected by the vulnerability described in GLSA-200512-11 (CenterICQ: Multiple vulnerabilities) Gentoo developer Wernfried Haas discovered that when the 'Enable peer-to-peer communications' option is enabled, CenterICQ opens a port that insufficiently validates whatever is sent to it. Furthermore, Zone-H Research reported a buffer overflow in the ktools library. Impact : A remote attacker could cause a crash of CenterICQ by sending packets to the peer-to-peer communications port, and potentially cause the execution of arbitrary code by enticing a CenterICQ user to edit overly long contact details. Workaround : There is no known workaround at this time.
Debian Security Advisory DSA 1083-1 (motor)
[SECURITY] [DSA 1088-1] New centericq packages fix arbitrary code execution
[SECURITY] [DSA 1083-1] New motor packages fix arbitrary code execution