PT-2019-2635 · Irssi+7 · Irssi+7

Ilbelkyr

·

Publicado

2019-01-29

·

Atualizado

2024-06-15

·

CVE-2019-13045

CVSS v2.0

9.3

Alta

VetorAV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Irssi versions 1.0.0 through 1.0.7 Irssi versions 1.1.0 through 1.1.2 Irssi versions 1.2.0
Description The issue is related to a use after free error when sending SASL login to the server, which occurs when SASL is enabled. This can potentially allow a remote attacker to cause a denial of service or execute arbitrary code.
Recommendations For Irssi versions 1.0.0 through 1.0.7, update to version 1.0.8 or later. For Irssi versions 1.1.0 through 1.1.2, update to version 1.1.3 or later. For Irssi versions 1.2.0, update to version 1.2.1 or later.

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALSA-2020:1616
ALT-PU-2020-3468
ALT-PU-2020-3488
ALT-PU-2024-3802
AZL-45354
BDU:2019-02521
CESA-2020_1616
CVE-2019-13045
DLA-3025-1
MGASA-2019-0206
OPENSUSE-SU-2019:1690-1
OPENSUSE-SU-2019:1894-1
OPENSUSE-SU-2019_1690-1
OPENSUSE-SU-2024:10865-1
RHSA-2020:1616
RHSA-2020_1616
RLSA-2020:1616
USN-4046-1

Produtos afetados

Alt Linux
Almalinux
Centos
Irssi
Red Hat
Rocky Linux
Suse
Ubuntu