Full Disclosure mailing list archives
GLSA: bitchx (200302-11)
From: Daniel Ahlberg <aliz () gentoo org>
Date: Thu, 20 Feb 2003 18:48:06 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200302-11 - - --------------------------------------------------------------------- PACKAGE : bitchx SUMMARY : denial of service DATE : 2003-02-20 17:47 UTC EXPLOIT : remote - - --------------------------------------------------------------------- - From advisory: "A denial of service vulnerability exists in BitchX. Sending a malformed RPL_NAMREPLY numeric 353 causes BitchX to segfault." Read the full advisory at: http://marc.theaimsgroup.com/?l=bugtraq&m=104554352513997&w=2 SOLUTION It is recommended that all Gentoo Linux users who are running net-irc/bitchx upgrade to bitchx-1.0.19-r4 as follows: emerge sync emerge -u bitchx emerge clean - - --------------------------------------------------------------------- aliz () gentoo org - GnuPG key is available at http://cvs.gentoo.org/~aliz - - --------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+VRTLfT7nyhUpoZMRAvqiAJ4kel27B+vLN8ZRuxYZGqLvhlrvMACdFB+z 6LgjJMmjYP+/EGRH0nGzAmI= =dRwx -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- GLSA: bitchx (200302-11) Daniel Ahlberg (Feb 20)