Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Gentoo: 200312-06 Medium: Xchat Denial Of Service Attack

gentoo
Calendar Grey December 15, 2003
Dist Gentoo Esm H88
A remotely exploitable bug in Xchat could lead to service disruption; upgrade to the patched version to mitigate risks.
There is a remotely exploitable bug in xchat 2.0.6 that could lead to a denialof service attack

Summary


---------------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200312-06
---------------------------------------------------------------------------
GLSA:        200312-06
Package:     net-irc/xchat 
Summary:     Malformed dcc send requests in xchat-2.0.6 lead to a denial of
             service
Severity:    medium 
Gentoo bug:  35623
Date:        2003-12-14
CVE:         none 
Exploit:     remote 
Affected:    =2.0.6
Fixed:       >=2.0.6-r1


DESCRIPTION:
There is a remotely exploitable bug in xchat 2.0.6 that could lead to a denial of service attack. This is caused by sending a malformed DCC packet to xchat 2.0.6, causing it to crash. Versions prior to 2.0.6 do not appear to be affected by this bug.
For more information, please see:


SOLUTION:
For Gentoo users, xchat-2.0.6 was marked ~arch (unstable) for most architectures. Since it was never marked as stable in the portage tree, only xchat users who have explictly added the unsta...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
medium
Lowest
Low
Medium
High
Critical


Warning: Undefined array key "advisory_info" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/70100_4c9dbbdde36eef04251a4ced7eac4df9 on line 11

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here