14 matches found
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : WeeChat vulnerabilities (USN-5258-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5258-1 advisory. Stuart Nevans Locke discovered that WeeChat's relay plugin insecurely handled malformed websocket frames. A remote attacker in...
Ubuntu: Security Advisory (USN-5258-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5258-1: WeeChat vulnerabilities
Stuart Nevans Locke discovered that WeeChat's relay plugin insecurely handled malformed websocket frames. A remote attacker in control of a server could possibly use this issue to cause denial of service in a client. CVE-2021-40516 Stuart Nevans Locke discovered that WeeChat insecurely handled...
Debian: Security Advisory (DLA-2770-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2770-1] weechat security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2770-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 30, 2021 https://wiki.debian.org/LTS -...
GLSA-202003-51 : WeeChat: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202003-51 WeeChat: Multiple vulnerabilities Multiple vulnerabilities have been discovered in WeeChat. Please review the CVE identifiers referenced below for details. Impact : A remote attacker, by sending a specially crafted IRC...
Fedora 31 : weechat (2020-db890b4800)
New version, fixes a lot of bugs some of them security. In the same update, fixed up epel7 build to latest version as well. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean...
Updated weechat packages fix security vulnerability
Updated weechat packages fix security vulnerability: ircmodechannelupdate in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a malformed IRC message 324 channel...
OPENSUSE-SU-2020:0248-1 Security update for weechat
This update for weechat fixes the following security issue: - CVE-2020-8955: Fixed a buffer overflow in plugins/irc/irc-mode.c that allowed attackers to cause a denial of service bsc1163889...
Security update for weechat (important)
openSUSE Security Update: Security update for weechat Announcement ID: openSUSE-SU-2020:0248-1 Rating: important References: 1163889 Cross-References: CVE-2020-8955 Affected Products: openSUSE Leap 15.1 openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 An update that fixes one vulnerability...
FreeBSD : WeeChat -- Multiple vulnerabilities (8e3f1812-54d9-11ea-8d49-d4c9ef517024)
The WeeChat project reports : Buffer overflow when receiving a malformed IRC message 324 channel mode. CVE-2020-8955 Buffer overflow when a new IRC message 005 is received with longer nick prefixes. Crash when receiving a malformed IRC message 352 WHO. C Tenable Network Security, Inc. The...
CVE-2020-8955
ircmodechannelupdate in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a malformed IRC message 324 channel mode...
CVE-2020-8955
WeeChat is affected by CVE-2020-8955 via the irc_mode_channel_update path in plugins/irc/irc-mode.c. A crafted IRC message 324 (channel mode) can trigger a heap-based out-of-bounds write, causing a denial of service (application crash) and, per advisories, possibly arbitrary code execution. Upstr...
CVE-2020-8955
ircmodechannelupdate in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a malformed IRC message 324 channel mode...