Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:22048
HistoryJun 17, 2009 - 12:00 a.m.

[ MDVSA-2009:133 ] irssi

2009-06-1700:00:00
vulners.com
14
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2009:133
http://www.mandriva.com/security/

Package : irssi
Date : June 16, 2009
Affected: 2008.1, 2009.0, 2009.1, Corporate 3.0

Problem Description:

A vulnerability has been found and corrected in irssi:

Off-by-one error in the event_wallops function in
fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers
to cause a denial of service (crash) via an empty command, which
triggers a one-byte buffer under-read and a one-byte buffer underflow
(CVE-2009-1959).

This update provides fixes for this vulnerability.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1959

Updated Packages:

Mandriva Linux 2008.1:
7666ac4b0ee6be35f6c61c88937b4929 2008.1/i586/irssi-0.8.12-3.1mdv2008.1.i586.rpm
3c9d4ce7992efeeb4902d01cf0904be7 2008.1/i586/irssi-devel-0.8.12-3.1mdv2008.1.i586.rpm
8559da090d172911312f0b3536b414c4 2008.1/i586/irssi-perl-0.8.12-3.1mdv2008.1.i586.rpm
f9b68d781fe6476bc8050c2f00726c41 2008.1/SRPMS/irssi-0.8.12-3.1mdv2008.1.src.rpm

Mandriva Linux 2008.1/X86_64:
1b8e64c328e18f452b9b59d489f33941 2008.1/x86_64/irssi-0.8.12-3.1mdv2008.1.x86_64.rpm
1a1da766b58e5318a22e7084e3b196ac 2008.1/x86_64/irssi-devel-0.8.12-3.1mdv2008.1.x86_64.rpm
51adab508e1d513bdb9d7d40b5069a7a 2008.1/x86_64/irssi-perl-0.8.12-3.1mdv2008.1.x86_64.rpm
f9b68d781fe6476bc8050c2f00726c41 2008.1/SRPMS/irssi-0.8.12-3.1mdv2008.1.src.rpm

Mandriva Linux 2009.0:
1684a3989ed164409776c89546044780 2009.0/i586/irssi-0.8.12-3.1mdv2009.0.i586.rpm
7671fbe25259b3305889975d52b834c4 2009.0/i586/irssi-devel-0.8.12-3.1mdv2009.0.i586.rpm
13b3f2f3a0aa054db77ad53a447e5fe6 2009.0/i586/irssi-perl-0.8.12-3.1mdv2009.0.i586.rpm
64ec4fbff1686d3fbcab88520f669fa5 2009.0/SRPMS/irssi-0.8.12-3.1mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
77c019b09105e045e98f70748d20f56b 2009.0/x86_64/irssi-0.8.12-3.1mdv2009.0.x86_64.rpm
efd08c666aa1ad1014c40244e69dbf79 2009.0/x86_64/irssi-devel-0.8.12-3.1mdv2009.0.x86_64.rpm
051858b7540f7fa8e3c6c0141cb2d200 2009.0/x86_64/irssi-perl-0.8.12-3.1mdv2009.0.x86_64.rpm
64ec4fbff1686d3fbcab88520f669fa5 2009.0/SRPMS/irssi-0.8.12-3.1mdv2009.0.src.rpm

Mandriva Linux 2009.1:
0dbd4c60bcb4baad613c066edc8a9928 2009.1/i586/irssi-0.8.12-4.1mdv2009.1.i586.rpm
90646d0b03a43228cb301d017cc1e516 2009.1/i586/irssi-devel-0.8.12-4.1mdv2009.1.i586.rpm
492d3bb18444d889c26a15fed4bcde71 2009.1/i586/irssi-perl-0.8.12-4.1mdv2009.1.i586.rpm
fb8e4a81570e8af0b02db392c324849e 2009.1/SRPMS/irssi-0.8.12-4.1mdv2009.1.src.rpm

Mandriva Linux 2009.1/X86_64:
763e7d2df4275f13bc04c89ebb28e744 2009.1/x86_64/irssi-0.8.12-4.1mdv2009.1.x86_64.rpm
389a2932a04ee531245b2d5398b3959c 2009.1/x86_64/irssi-devel-0.8.12-4.1mdv2009.1.x86_64.rpm
7c278e8ac8e85d1e047cc64179b5196e 2009.1/x86_64/irssi-perl-0.8.12-4.1mdv2009.1.x86_64.rpm
fb8e4a81570e8af0b02db392c324849e 2009.1/SRPMS/irssi-0.8.12-4.1mdv2009.1.src.rpm

Corporate 3.0:
2e896fd5f40335522487871773aeb079 corporate/3.0/i586/irssi-0.8.9-2.1.C30mdk.i586.rpm
998b302c79e9e42564588c5a2cde0d92 corporate/3.0/i586/irssi-devel-0.8.9-2.1.C30mdk.i586.rpm
a36c0604ae531ba14108008d346d9b28 corporate/3.0/SRPMS/irssi-0.8.9-2.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
bcdeed0d1a345aad7e1ddeacae5dac92 corporate/3.0/x86_64/irssi-0.8.9-2.1.C30mdk.x86_64.rpm
eb21881f04f1308567cdfb355266c8b4 corporate/3.0/x86_64/irssi-devel-0.8.9-2.1.C30mdk.x86_64.rpm
a36c0604ae531ba14108008d346d9b28 corporate/3.0/SRPMS/irssi-0.8.9-2.1.C30mdk.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKN3m2mqjQ0CJFipgRAsTdAJwPbdOswHmhm5mUn/htoCG0GPOyrwCgr9pu
VHVWemrVNgtvzoBT/KZCOBg=
=DMv8
-----END PGP SIGNATURE-----

Related

securityvulns 1
nessus 8
openvas 20
prion 1
ubuntu 1
fedora 3
cve 1
ubuntucve 1
debiancve 1
gentoo 1
securityvulns
securityvulns
irssi off-by-one buffer overflow
2009-06-17 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : irssi (MDVSA-2009:133-1)
2009-06-17 00:00:00
Fedora 11 : irssi-0.8.13-3.fc11 (2009-7012)
2009-08-04 00:00:00
Fedora 10 : irssi-0.8.13-3.fc10 (2009-7004)
2009-09-02 00:00:00
openvas
openvas
Mandriva Security Advisory MDVSA-2009:133-1 (irssi)
2009-12-14 00:00:00
Fedora Update for irssi FEDORA-2010-6618
2010-06-25 00:00:00
Fedora Update for irssi FEDORA-2010-6618
2010-06-25 00:00:00
prion
prion
Buffer overflow
2009-06-08 01:00:00
ubuntu
ubuntu
irssi vulnerability
2009-07-13 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: irssi-0.8.15-1.fc11
2010-06-21 12:59:07
[SECURITY] Fedora 10 Update: irssi-0.8.13-3.fc10
2009-08-31 23:38:39
[SECURITY] Fedora 11 Update: irssi-0.8.13-3.fc11
2009-08-03 19:26:58
cve
cve
CVE-2009-1959
2009-06-08 01:00:00
ubuntucve
ubuntucve
CVE-2009-1959
2009-06-08 00:00:00
debiancve
debiancve
CVE-2009-1959
2009-06-08 01:00:00
gentoo
gentoo
irssi: Execution of arbitrary code
2009-09-12 00:00:00
JSON
Related for SECURITYVULNS:DOC:22048
securityvulns1nessus8openvas20prion1ubuntu1fedora3cve1ubuntucve1debiancve1gentoo1