20 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-10966
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi could incorrectly use the GHashTable interface and free the nick whi...
Mageia: Security Advisory (MGASA-2017-0216)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for irssi (EulerOS-SA-2019-2595)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for irssi (EulerOS-SA-2019-1971)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-1089-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4016-1 : irssi - security update
Multiple vulnerabilities have been discovered in Irssi, a terminal based IRC client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2017-10965 Brian 'geeknik' Carpenter of Geeknik Labs discovered that Irssi does not properly handle receiving messages wi...
[SECURITY] [DSA 4016-1] irssi security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4016-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 03, 2017 https://www.debian.org/security/faq -...
Ubuntu: Security Advisory (USN-3465-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : Irssi vulnerabilities (USN-3465-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3465-1 advisory. Brian Carpenter discovered that Irssi incorrectly handled messages with invalid time stamps. A malicious IRC server could use this issue to...
USN-3465-1: Irssi vulnerabilities
Brian Carpenter discovered that Irssi incorrectly handled messages with invalid time stamps. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. CVE-2017-10965 Brian Carpenter discovered that Irssi incorrectly handled the internal nick list. A...
Debian DLA-1089-1 : irssi security update
Some Irssi issues were found : CVE-2017-10965 An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. CVE-2017-10966 An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi...
[SECURITY] [DLA 1089-1] irssi security update
Package : irssi Version : 0.8.15-5+deb7u3 CVE ID : CVE-2017-10965 CVE-2017-10966 Debian Bug : 867598 Some Irssi issues were found: CVE-2017-10965 An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer...
Fedora Update for irssi FEDORA-2017-90ad72e684
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ASA-201707-13] irssi: denial of service
Arch Linux Security Advisory ASA-201707-13 ========================================== Severity: Critical Date : 2017-07-13 CVE-ID : CVE-2017-10965 CVE-2017-10966 Package : irssi Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-342 Summary ======= The package irssi...
openSUSE Security Update : irssi (openSUSE-2017-797)
This update for irssi to version fixes the following issues : - CVE-2017-10965: A malicious server could cause irssi to crash by providing an invalid timestamp - CVE-2017-10966: Undefined behavior may be triggered when irssi updates the internal nick list A number of minor upstream bug fixes are...
OPENSUSE-SU-2017:1824-1 Security update for irssi
This update for irssi to version fixes the following issues: - CVE-2017-10965: A malicious server could cause irssi to crash by providing an invalid timestamp - CVE-2017-10966: Undefined behavior may be triggered when irssi updates the internal nick list A number of minor upstream bug fixes are...
OPENSUSE-SU-2017:1823-1 Security update for irssi
This update for irssi to version fixes the following issues: - CVE-2017-10965: A malicious server could cause irssi to crash by providing an invalid timestamp - CVE-2017-10966: Undefined behavior may be triggered when irssi updates the internal nick list A number of minor upstream bug fixes are...
Internet Bug Bounty: CVE-2017-10966: Heap-use-after-free in Irssi <1.0.4
35 days after reading https://irssi.org/2017/05/12/fuzzing-irssi/, I was able to trigger a heap-use-after-free in irssi 1.0.2. Timeline: Report to vendor: 16 June 2017 Acknowledge by vendor: 16 June 2017 Fixed by vendor: 7 July 2017 Advisory: http://seclists.org/oss-sec/2017/q3/80 Patch:...
CVE-2017-10966
An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi could incorrectly use the GHashTable interface and free the nick while updating it. This would then result in use-after-free conditions on each access of the hash table...
CVE-2017-10966
CVE-2017-10966 affects Irssi prior to 1.0.4. While updating the internal nick list, Irssi could improperly use the GHashTable interface and free the nick during updates, causing use-after-free on subsequent hash-table accesses. This was fixed upstream in version 1.0.4; Debian and Arch/Linux advis...