Gentoo Security Advisory GLSA 200411-24 (BNC) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200411-24.

Solution

All BNC users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-irc/bnc-2.9.1' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200411-24 http://bugs.gentoo.org/show_bug.cgi?id=70674 http://gotbnc.com/changes.html http://security.lss.hr/en/index.php?page=details&ID=LSS-2004-11-03

Insight

BNC contains a buffer overflow vulnerability that may lead to Denial of Service and execution of arbitrary code.

Severity

Classification

CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200403-06 (Courier)
Gentoo Security Advisory GLSA 200405-25 (tla)
Gentoo Security Advisory GLSA 200407-16 (Kernel)
Gentoo Security Advisory GLSA 200408-13 (kde, kdebase, kdelibs)
Gentoo Security Advisory GLSA 200409-10 (multi-gnome-terminal)

Take action and discover your vulnerabilities