|
Message-ID: <Pine.GSO.4.51.0906061349060.28142@faron.mitre.org> Date: Sat, 6 Jun 2009 13:49:13 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security <oss-security@...ts.openwall.com> cc: coley@...re.org Subject: Re: CVE Request (irssi) ====================================================== Name: CVE-2009-1959 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1959 Reference: MLIST:[oss-security] 20090529 CVE Request (irssi) Reference: URL:http://www.openwall.com/lists/oss-security/2009/05/29/3 Reference: MISC:http://xorl.wordpress.com/2009/05/28/irssi-event_wallops-off-by-one-readwrite/ Reference: CONFIRM:http://bugs.irssi.org/index.php?do=details&task_id=662 Reference: CONFIRM:http://www.irssi.org/ChangeLog Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.