SB2018040301 - Debian update for irssi 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018040301

SB2018040301 - Debian update for irssi

Published: April 3, 2018

Security Bulletin ID SB2018040301
Severity
High
Patch available
YES
Number of vulnerabilities 9
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 33% Low 67%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 9 secuirty vulnerabilities.


1) Buffer over-read (CVE-ID: CVE-2018-5205)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to data access beyond the end of the string when using incomplete escape codes. A remote attacker can trigger buffer over-read and gain access to potentially sensitive information.

2) NULL pointer dereference (CVE-ID: CVE-2018-5206)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to NULL pointer dereference when the channel topic is set without specifying a sender. A remote attacker can cause the service to crash.

3) Buffer over-read (CVE-ID: CVE-2018-5207)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to data access beyond the end of the string when using an incomplete variable argument. A remote attacker can trigger buffer over-read and gain access to potentially sensitive information.

4) Buffer over-read (CVE-ID: CVE-2018-5208)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to a calculation error in the completion code that triggers heap buffer overflow when completing certain strings. A remote attacker can cause the service to crash.

5) NULL pointer dereference (CVE-ID: CVE-2018-7050)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to a NULL pointer dereference when an "empty" nick has been observed. A remote attacker can use a broken ircd or control over the ircde and cause the service to crash.

6) Out-of-bounds write (CVE-ID: CVE-2018-7051)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to an out-of-bounds write error when printing theme strings. A remote attacker can execute arbitrary code on the system.

Successful exploitation of the vulnerability may result in system compromise.


7) NULL pointer dereference (CVE-ID: CVE-2018-7052)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to a NULL pointer dereference when the number of windows exceed the available space. A remote attacker can cause a denial of service.

8) Use-after-free error (CVE-ID: CVE-2018-7053)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a use-after-free when SASL messages are received in unexpected order. A remote attacker can use a non-conforming ircd, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may result in system compromise.

9) Use-after-free error (CVE-ID: CVE-2018-7054)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness is due to a use-after-free when server is disconnected during netsplits. A remote attacker can trigger memory corruption and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Install update from vendor's website.

References