Bug 336321 (CVE-2010-3071) - <net-irc/bip-0.8.5-r1: Denial of Service Vulnerability (CVE-2010-3071)
Status: RESOLVED FIXED
Alias: CVE-2010-3071
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High minor
Assignee: Gentoo Security
URL: http://secunia.com/advisories/41285/
Whiteboard: B3 [glsa]
Reported: 2010-09-07 03:45 UTC by Tim Sammut (RETIRED)
Modified: 2012-01-30 12:46 UTC

Attachments
patch (0001-Check-LINK-lc-before-using-it-to-avoid-a-null-pointe.patch,1.36 KB, patch)
2010-09-09 14:49 UTC, Alex Legler (RETIRED)

Description Tim Sammut (RETIRED) gentoo-dev 2010-09-07 03:45:15 UTC
From $url:

A vulnerability has been discovered in Bip, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to a NULL pointer dereference error within the function "bip_on_event()" in src/irc.c, which can be exploited to cause a crash by sending specially crafted data to Bip's listening socket (e.g. 7778/TCP).

The vulnerability is confirmed in version 0.8.5. Other versions may also be affected.
Comment 1 Tim Sammut (RETIRED) gentoo-dev 2010-09-07 18:58:32 UTC
This has been assigned CVE-2010-3071.
Comment 2 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2010-09-09 14:49:23 UTC
Created attachment 246608
patch

I'll apply the attached patch to our ebuild. It's not approved by upstream, but nohar isn't responding at the moment and this DoS might get very annoying as there is no authentication needed to exploit it.
Comment 3 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2010-09-09 14:53:11 UTC
Arches, please test and mark stable:
=net-irc/bip-0.8.5-r1
Target keywords : "amd64 x86"
Comment 4 Myckel Habets 2010-09-09 19:58:44 UTC
Builds and runs fine on x86. Please mark stable for x86.
Comment 5 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-09-10 04:13:32 UTC
x86 stable, thanks Myckel
Comment 6 Markos Chandras (RETIRED) gentoo-dev 2010-09-10 10:49:50 UTC
amd64 done
Comment 7 Vincent-Xavier JUMEL 2010-09-16 15:43:03 UTC
There's a 0.8.6 version which fixes the bug.
Comment 8 Stefan Behte (RETIRED) gentoo-dev Security 2010-09-22 22:42:19 UTC
The patch was backported and released as net-irc/bip-0.8.5-r1.

GLSA vote: yes.
Comment 9 Tim Sammut (RETIRED) gentoo-dev 2010-10-01 04:11:58 UTC
GLSA Vote: Yes, remote DoS in a multi-user service.

GLSA request filed.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2012-01-30 12:46:11 UTC
This issue was resolved and addressed in
 GLSA 201201-18 at http://security.gentoo.org/glsa/glsa-201201-18.xml
by GLSA coordinator Alex Legler (a3li).