Bug#405828: CVE-2006-6811: Buffer overflow in KsIRC

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#405828: CVE-2006-6811: Buffer overflow in KsIRC
From: Stefan Fritsch <sf@sfritsch.de>
Date: Sat, 06 Jan 2007 16:38:54 +0100
Message-id: <[🔎] 20070106153854.20780.26449.reportbug@k.lan>
Reply-to: Stefan Fritsch <sf@sfritsch.de>, 405828@bugs.debian.org

Package: ksirc
Version: 4:3.5.5-3
Severity: grave
Tags: security
Justification: user security hole



A vulnerability has been reported in ksirc 1.3.12 which is Debian's 4:3.5.5-*:

Buffer overflow in KsIRC 1.3.12 allows remote attackers to execute
arbitrary code via a long PRIVMSG string when connecting to an
Internet Relay Chat (IRC) server.

See

http://www.milw0rm.com/exploits/3023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6811

Reply to:

Follow-Ups:
- Bug#405828: marked as done (CVE-2006-6811: Buffer overflow in KsIRC)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#138662: back and forward buttons history
Next by Date: Bug#405835: kontact: sigsegv on close (backtrace included)
Previous by thread: Bug#138662: back and forward buttons history
Next by thread: Bug#405828: marked as done (CVE-2006-6811: Buffer overflow in KsIRC)
Index(es):
- Date
- Thread