CVE-2007-5226 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5226): irc_server.c in dircproxy 1.2.0 and earlier allows remote attackers to cause a denial of service (segmentation fault) via an ACTION command without a parameter, which triggers a NULL pointer dereference, as demonstrated using a blank /me message from irssi.
A patch for 1.0.5 can be found here: http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=10;filename=nmu.patch;att=1;bug=445883 The 1.2.0 code is different, but the fix should do the same (check for NULL pointer). net-irc, please advise.
Created attachment 133035 [details, diff] dircproxy-1.2.0-blank-me-segfault.patch Oh, yeah. And because you're all lazy, here's the patch. Courtesy of Fedora.
Fixed in: dircproxy-1.0.5-r1 dircproxy-1.1.0-r2 dircproxy-1.2.0_beta2-r1 Stabilize 1.0.5-r1
Thanks. Arches, please stabilise net-irc/dircproxy-1.0.5-r1. Targets are: "alpha amd64 ppc x86".
Please do
(In reply to comment #5) > Please do > Blah, seems I forgot to click the "Add archs" button after selecting the archs in the pull-down menu once again. Thanks for adding them.
Stable on x86
alpha stable
ppc stable
amd64 stable
1, 2, 3, vote!
I vote NO.
Trivial to trigger, and annoying. I would vote Yes.
It is an annoying bug, but it can only be triggered by authenticated users to deny their own service, and those of others if it is configured for multiple users. I'd say no.
NO wins. Closing without GLSA. Feel free to reopen if you disagree.