|
|
Family: Debian Local Security Checks --> Category: infos
[DSA399] DSA-399-1 epic4 Vulnerability Scan
Vulnerability Scan Summary
DSA-399-1 epic4
Detailed Explanation for this Vulnerability Test
Jeremy Nelson discovered a remotely exploitable buffer overflow in
EPIC4, a popular client for Internet Relay Chat (IRC). A malicious
server could craft a reply which triggers the client to allocate a
negative amount of memory. This could lead to a denial of service if
the client only crashes, but may also lead to executing of arbitrary
code under the user id of the chatting user.
For the stable distribution (woody) this problem has been fixed in
version 1.1.2.20020219-2.2.
For the unstable distribution (sid) this problem has been fixed in
version 1.1.11.20030409-2.
We recommend that you upgrade your epic4 package.
Solution : http://www.debian.org/security/2003/dsa-399
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
