21 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-10965
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. CVE-2017-10965...
Mageia: Security Advisory (MGASA-2017-0216)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for irssi (EulerOS-SA-2019-1971)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for irssi (EulerOS-SA-2019-2595)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-1089-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4016-1 : irssi - security update
Multiple vulnerabilities have been discovered in Irssi, a terminal based IRC client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2017-10965 Brian 'geeknik' Carpenter of Geeknik Labs discovered that Irssi does not properly handle receiving messages wi...
[SECURITY] [DSA 4016-1] irssi security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4016-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 03, 2017 https://www.debian.org/security/faq -...
Ubuntu 14.04 LTS / 16.04 LTS : Irssi vulnerabilities (USN-3465-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3465-1 advisory. Brian Carpenter discovered that Irssi incorrectly handled messages with invalid time stamps. A malicious IRC server could use this issue to...
Ubuntu: Security Advisory (USN-3465-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3465-1: Irssi vulnerabilities
Brian Carpenter discovered that Irssi incorrectly handled messages with invalid time stamps. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. CVE-2017-10965 Brian Carpenter discovered that Irssi incorrectly handled the internal nick list. A...
Debian DLA-1089-1 : irssi security update
Some Irssi issues were found : CVE-2017-10965 An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. CVE-2017-10966 An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi...
[SECURITY] [DLA 1089-1] irssi security update
Package : irssi Version : 0.8.15-5+deb7u3 CVE ID : CVE-2017-10965 CVE-2017-10966 Debian Bug : 867598 Some Irssi issues were found: CVE-2017-10965 An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer...
Fedora Update for irssi FEDORA-2017-90ad72e684
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-10965
An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer...
[ASA-201707-13] irssi: denial of service
Arch Linux Security Advisory ASA-201707-13 ========================================== Severity: Critical Date : 2017-07-13 CVE-ID : CVE-2017-10965 CVE-2017-10966 Package : irssi Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-342 Summary ======= The package irssi...
openSUSE Security Update : irssi (openSUSE-2017-797)
This update for irssi to version fixes the following issues : - CVE-2017-10965: A malicious server could cause irssi to crash by providing an invalid timestamp - CVE-2017-10966: Undefined behavior may be triggered when irssi updates the internal nick list A number of minor upstream bug fixes are...
OPENSUSE-SU-2017:1823-1 Security update for irssi
This update for irssi to version fixes the following issues: - CVE-2017-10965: A malicious server could cause irssi to crash by providing an invalid timestamp - CVE-2017-10966: Undefined behavior may be triggered when irssi updates the internal nick list A number of minor upstream bug fixes are...
OPENSUSE-SU-2017:1824-1 Security update for irssi
This update for irssi to version fixes the following issues: - CVE-2017-10965: A malicious server could cause irssi to crash by providing an invalid timestamp - CVE-2017-10966: Undefined behavior may be triggered when irssi updates the internal nick list A number of minor upstream bug fixes are...
Internet Bug Bounty: CVE-2017-10965: Null pointer dereference in Irssi <1.0.4
34 days after reading https://irssi.org/2017/05/12/fuzzing-irssi/, I was finally able to trigger a null pointer dereference in irssi 1.0.2. Timeline: Report to vendor: 15 June 2017 Acknowledge by vendor: 15 June 2017 Fixed by vendor: 7 July 2017 Advisory: http://seclists.org/oss-sec/2017/q3/80...
CVE-2017-10965
CVE-2017-10965 affects Irssi prior to 1.0.4. The flaw occurs when receiving messages with invalid timestamps, causing a NULL pointer dereference and denial of service. Advisories from Debian/Arch/Fedora confirm patching to 1.0.4 or newer; upgrade recommended.