16 matches found
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : WeeChat vulnerabilities (USN-5258-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5258-1 advisory. Stuart Nevans Locke discovered that WeeChat's relay plugin insecurely handled malformed websocket frames. A remote attacker in...
Ubuntu: Security Advisory (USN-5258-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5258-1: WeeChat vulnerabilities
Stuart Nevans Locke discovered that WeeChat's relay plugin insecurely handled malformed websocket frames. A remote attacker in control of a server could possibly use this issue to cause denial of service in a client. CVE-2021-40516 Stuart Nevans Locke discovered that WeeChat insecurely handled...
Mageia: Security Advisory (MGASA-2017-0369)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated weechat packages fix security vulnerability
It was discovered that logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized CVE-2017-14727...
openSUSE Security Update : weechat (openSUSE-2017-1111)
This update for weechat fixes the following issues : - CVE-2017-14727: A uninitialized buffer could be used to crash the logger plugin in WeeChat boo1060140 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
[SECURITY] [DLA 1111-1] weechat security update
Package : weechat Version : 0.3.8-1+deb7u3 CVE ID : CVE-2017-14727 Debian Bug : 876553 It was discovered that WeeChats logger plugin is vulnerable to an invalid buffer read which can be exploited remotely to trigger an application crash or other undefined behaviour. For Debian 7 "Wheezy", these...
FreeBSD : weechat -- crash in logger plugin (b63421b6-a1e0-11e7-ac58-b499baebfeaf)
WeeChat reports : security problem: a crash can happen in logger plugin when converting date/time specifiers in file mask. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-20...
[ASA-201709-20] weechat: denial of service
Arch Linux Security Advisory ASA-201709-20 ========================================== Severity: Medium Date : 2017-09-25 CVE-ID : CVE-2017-14727 Package : weechat Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-412 Summary ======= The package weechat before version...
UBUNTU-CVE-2017-14727
logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized...
CVE-2017-14727
logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized...
DEBIAN-CVE-2017-14727
logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized...
CVE-2017-14727
logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized...
CVE-2017-14727
Summary: CVE-2017-14727 affects WeeChat’s logger plugin prior to 1.9.1. The vulnerability arises in logger.c where, when handling date/time specifiers, a buffer is not initialized, allowing a remote crash via crafted strftime usage. Impact: Remote crash of the WeeChat client (logger plugin) due t...
CVE-2017-14727
logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized...
CVE-2017-14727
logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized...