Ubuntu USN-800-1 (irssi) Network Vulnerability

Summary

The remote host is missing an update to irssi announced via advisory USN-800-1.

Solution

The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: irssi 0.8.10-1ubuntu1.1 Ubuntu 8.04 LTS: irssi 0.8.12-3ubuntu3.1 Ubuntu 8.10: irssi 0.8.12-4ubuntu2.1 Ubuntu 9.04: irssi 0.8.12-6ubuntu1.1 After a standard system upgrade you need to restart irssi to effect the necessary changes. https://secure1.securityspace.com/smysecure/catid.html?in=USN-800-1

Insight

It was discovered that irssi did not properly check the length of strings when processing WALLOPS messages. If a user connected to an IRC network where an attacker had IRC operator privileges, a remote attacker could cause a denial of service.

Severity

Classification

CVE CVE-2009-1959
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Ubuntu Update for avahi vulnerability USN-1084-1
Ubuntu Update for backuppc USN-1444-1
Ubuntu Update for clamav vulnerability USN-684-1
Ubuntu Update for clamav USN-1816-1
Ubuntu Update for apport USN-2007-1

Take action and discover your vulnerabilities