Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 271875 (CVE-2009-1959) - <net-irc/irssi-0.8.13-r1 WALLOPS heap off-by-one (CVE-2009-1959)
Summary: <net-irc/irssi-0.8.13-r1 WALLOPS heap off-by-one (CVE-2009-1959)
Status: RESOLVED FIXED
Alias: CVE-2009-1959
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://bugs.irssi.org/index.php?do=de...
Whiteboard: B1 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2009-05-30 13:18 UTC by Stefan Behte (RETIRED)
Modified: 2020-04-06 20:48 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-05-30 13:18:34 UTC 
A remotely exploitable off-by-one was found in irssi 0.8.13. It's exloitable from a server only.

See $URL and http://xorl.wordpress.com/2009/05/28/irssi-event_wallops-off-by-one-readwrite/
Comment 1 Sven Wegener gentoo-dev 2009-05-31 16:14:25 UTC 
The patch from svn has been included in irssi-0.8.13-r1.
Comment 2 Robert Buchholz (RETIRED) gentoo-dev 2009-05-31 16:40:51 UTC 
Arches, please test and mark stable:
=net-irc/irssi-0.8.13-r1
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
Comment 3 Brent Baude (RETIRED) gentoo-dev 2009-05-31 23:36:29 UTC 
ppc64 done
Comment 4 Dawid Węgliński (RETIRED) gentoo-dev 2009-06-01 00:06:46 UTC 
Stable on amd64
Comment 5 Raúl Porcel (RETIRED) gentoo-dev 2009-06-01 11:39:12 UTC 
alpha/arm/ia64/s390/sh/sparc/x86 stable
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2009-06-02 06:39:54 UTC 
Stable for HPPA.
Comment 7 nixnut (RETIRED) gentoo-dev 2009-06-07 17:01:01 UTC 
ppc stable
Comment 8 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-06-08 18:48:56 UTC 
CVE-2009-1959 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1959):
  Off-by-one error in the event_wallops function in
  fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers
  to cause a denial of service (crash) via an empty command, which
  triggers a one-byte buffer under-read and a one-byte buffer underflow.
Comment 9 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-06-10 19:45:50 UTC 
GLSA request filed.
Comment 10 Stefan Behte (RETIRED) gentoo-dev Security 2009-07-02 19:03:36 UTC 
Sven, can we remove the older, vulnerable versions?
Comment 11 Sven Wegener gentoo-dev 2009-07-05 09:34:43 UTC 
(In reply to comment #10)
> Sven, can we remove the older, vulnerable versions?

we're still missing mips keywording, 0.8.12 is the last stable mips version.
Comment 12 Robert Buchholz (RETIRED) gentoo-dev 2009-07-05 10:24:00 UTC 
MIPS has dropped stable support, you can simply remove that old stable ebuild and remove stable keywords from all that depends on it. Adding MIPS team to confirm this.
Comment 13 Ihar Hrachyshka 2009-09-01 12:28:24 UTC 
Any reason to have vulnerable ebuilds in tree?
Comment 14 Sven Wegener gentoo-dev 2009-09-09 13:17:56 UTC 
I've removed them, dropping the mips stable keyword.
Comment 15 Robert Buchholz (RETIRED) gentoo-dev 2009-09-10 00:06:04 UTC 
still the glsa that needs to be sent, it's already in the queue
Comment 16 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-09-12 16:32:21 UTC 
GLSA 200909-13