` 
---------------------------------------------------------------------
                   Red Hat, Inc. Security Advisory

Synopsis:          BitchX denial of service vulnerability
Advisory ID:       RHSA-2000:042-01
Issue date:        2000-07-06
Updated on:        2000-07-06
Product:           Red Hat Powertools
Keywords:          DoS
Cross references:  N/A
---------------------------------------------------------------------

1. Topic:

A denial of service vulnerability exists in BitchX.

2. Relevant releases/architectures:

Red Hat Powertools 6.0 - i386, alpha, sparc
Red Hat Powertools 6.1 - i386, alpha, sparc
Red Hat Powertools 6.2 - i386, alpha, sparc

3. Problem description:

A denial of service vulnerability exists in BitchX.  Improper handling of
incoming invitation messages can crash the client.  Any user on IRC can send the
 client an invitation message that causes BitchX to segfault.

4. Solution:

For each RPM for your particular architecture, run:

rpm -Fvh [filename]

where filename is the name of the RPM.

5. Bug IDs fixed  (  for more info):

N/A

6. RPMs required:

Red Hat Powertools 6.1:

Red Hat Powertools 6.2:

sparc: 
 

alpha: 
 

i386: 
 

sources: 
 

7. Verification:

MD5 sum                           Package Name
--------------------------------------------------------------------------
ea54ae7d29be2abeb4e0252ad2e5a040  6.2/SRPMS/BitchX-1.0c16-1.src.rpm
7c517589b963bbf9a42025cbd216fcdb  6.2/alpha/BitchX-1.0c16-1.alpha.rpm
93a409b68bdef05468a86bfdae2cb8d5  6.2/i386/BitchX-1.0c16-1.i386.rpm
2317c93fa3ed3a0ee0566ecd1c6d98ad  6.2/sparc/BitchX-1.0c16-1.sparc.rpm

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
      

You can verify each package with the following command:
    rpm --checksig  

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg 

8. References:

Thanks to Colten Edwards <edwards@bitchx.dimension6.com> for making us aware of the problem.
`

RedHat: BitchX denial of service vulnerability

A denial of service vulnerability exists in BitchX.

Summary



Summary

A denial of service vulnerability exists in BitchX. Improper handling ofincoming invitation messages can crash the client. Any user on IRC can send the client an invitation message that causes BitchX to segfault.


Solution

For each RPM for your particular architecture, run:
rpm -Fvh [filename]
where filename is the name of the RPM.
5. Bug IDs fixed ( for more info):
N/A
6. RPMs required:
Red Hat Powertools 6.1:
Red Hat Powertools 6.2:
sparc:

alpha:

i386:

sources:

7. Verification:
MD5 sum Package Name ea54ae7d29be2abeb4e0252ad2e5a040 6.2/SRPMS/BitchX-1.0c16-1.src.rpm 7c517589b963bbf9a42025cbd216fcdb 6.2/alpha/BitchX-1.0c16-1.alpha.rpm 93a409b68bdef05468a86bfdae2cb8d5 6.2/i386/BitchX-1.0c16-1.i386.rpm 2317c93fa3ed3a0ee0566ecd1c6d98ad 6.2/sparc/BitchX-1.0c16-1.sparc.rpm
These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

You can verify each package with the following command: rpm --checksig
If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg

References

Thanks to Colten Edwards <edwards@bitchx.dimension6.com> for making us aware of the problem. `

Package List


Severity
Advisory ID: RHSA-2000:042-01
Issued Date: : 2000-07-06
Updated on: 2000-07-06
Product: Red Hat Powertools
Keywords: DoS
Cross references: N/A

Topic


Topic

A denial of service vulnerability exists in BitchX.


 

Relevant Releases Architectures

Red Hat Powertools 6.0 - i386, alpha, sparc

Red Hat Powertools 6.1 - i386, alpha, sparc

Red Hat Powertools 6.2 - i386, alpha, sparc


Bugs Fixed


Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved