Summary: | net-irc/bnc: backspace security flaw | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Matthias Geerdsen (RETIRED) <vorlon> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | net-irc |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://www.gotbnc.com/changes.html | ||
Whiteboard: | B3 [glsa] vorlon | ||
Package list: | Runtime testing required: | --- |
Description
Matthias Geerdsen (RETIRED)
2004-10-09 12:58:12 UTC
Commited to CVS and marked stable on x86. Thanks for the quick reaction Sven. arches, pls test and mark 2.8.9 stable current KEYWORDS="x86 ~ppc ~sparc ~alpha ~arm" target KEYWORDS="x86 ppc sparc alpha arm" Stable on sparc. stable on ppc Stable on alpha. Sent mail upstrem asking for more information. Changed to [glsa?], but should wait for a reply. Got back the following information: bnc 2.6.4 introduced a new input parsing routine. The function sbuf_getmsg would process the received data into lines. Part of this function would interpret the backspace character 008 and step backwards on the input processing. This would allow a malicious user to send backspaces to clear the true credentials, and then insert fake creditials to gain access to low security bots or weak irc scripts that was on the client end of a BNC. also http://securitytracker.com/id?1011583 Description: A vulnerability was reported in BNC. A remote user can send arbitrary commands to a bot running BNC. The vendor reported that the software contains a flaw in the processing of the backspace character (ASCII 8). A remote user can send data that includes backspace characters to delete and replace data sent to the BNC bot to issue commands with arbitrary authentication credentials. So it's a B3. Please vote on GLSA need... I suppose we should issue one ? Yep, qualifies for a GLSA in my opinion. agreed, should issue a GLSA ready for a GLSA GLSA 200410-13 arm should mark stable to benefit from GLSA |