6 matches found
USN-5258-1: WeeChat vulnerabilities
Stuart Nevans Locke discovered that WeeChat's relay plugin insecurely handled malformed websocket frames. A remote attacker in control of a server could possibly use this issue to cause denial of service in a client. CVE-2021-40516 Stuart Nevans Locke discovered that WeeChat insecurely handled...
FreeBSD : irssi -- multiple vulnerabilities (7afc5e56-156d-11e8-95f2-005056925db4)
Irssi reports : Use after free when server is disconnected during netsplits. Found by Joseph Bisch. Use after free when SASL messages are received in unexpected order. Found by Joseph Bisch. NULL pointer dereference when an 'empty' nick has been observed by Irssi. Found by Joseph Bisch. When the...
irssi -- multiple vulnerabilities
Irssi reports: Use after free when server is disconnected during netsplits. Found by Joseph Bisch. Use after free when SASL messages are received in unexpected order. Found by Joseph Bisch. Null pointer dereference when an “empty” nick has been observed by Irssi. Found by Joseph Bisch. When the...
Ubuntu 14.04 LTS / 16.04 LTS : Irssi vulnerabilities (USN-3527-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3527-1 advisory. Joseph Bisch discovered that Irssi incorrectly handled incomplete escape codes. If a user were tricked into using malformed commands or openi...
irssi -- multiple vulnerabilities
Irssi reports: When the channel topic is set without specifying a sender, Irssi may dereference NULL pointer. Found by Joseph Bisch. When using incomplete escape codes, Irssi may access data beyond the end of the string. Found by Joseph Bisch. A calculation error in the completion code could caus...
FreeBSD : Irssi -- multiple vulnerabilities (3d6be69b-d365-11e6-a071-001e67f15f5a)
Irssi reports : Five vulnerabilities have been located in Irssi - A NULL pointer dereference in the nickcmp function found by Joseph Bisch. CWE-690 - Use after free when receiving invalid nick message Issue 466, CWE-146 - Out of bounds read in certain incomplete control codes found by Joseph Bisc...