Debian: bitchx multiple vulnerabilities

    Date 19 May 2003
    Posted By LinuxSecurity Advisories
    Timo Sirainen discovered several overflow problems in BitchX.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 306-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.                             Martin Schulze
    May 19th, 2003                 
    - --------------------------------------------------------------------------
    Package        : ircii-pana
    Vulnerability  : buffer overflows, integer overflow
    Problem-Type   : remote
    Debian-specific: no
    Timo Sirainen discovered several problems in BitchX, a popular client
    for Internet Relay Chat (IRC).  A malicious server could craft special
    reply strings, triggering the client to write beyond buffer boundaries
    or allocate a negative amount of memory.  This could lead to a denial
    of service if the client only crashes, but may also lead to executing
    of arbitrary code under the user id of the chatting user.
    For the stable distribution (woody) these problems have been fixed in
    version 1.0-0c19-1.1.
    For the old stable distribution (potato) these problems have been
    fixed in version 1.0-0c16-2.1.
    For the unstable distribution (sid) these problems have been fixed in
    version 1.0-0c19-8.
    We recommend that you upgrade your BitchX package.
    Upgrade Instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 2.2 alias potato
    - ---------------------------------
      Source archives:
          Size/MD5 checksum:      742 65eef951e5eae0c78e118cdc61933ec4
          Size/MD5 checksum:    38034 7b8484b1ce2450ec0c783647024ee5e7
          Size/MD5 checksum:  1831273 225135d5f90bf03a1ec820f804d818d2
      Alpha architecture:
          Size/MD5 checksum:  1545022 19e78356e1fe5e65ac8619eed95e4552
          Size/MD5 checksum:   687910 e3cae02b856e5a184939d7b1b90e2c0a
      ARM architecture:
          Size/MD5 checksum:  1354470 eea63662c3e6143af1c97ca402600197
          Size/MD5 checksum:   527998 a82f08fad8990c5c9df6cb51bf64a60b
      Intel IA-32 architecture:
          Size/MD5 checksum:  1276648 cebb488e14882b504b309ef9a6a19016
          Size/MD5 checksum:   477004 bd56978d20cc2bd2ca35880e7c86626a
      Motorola 680x0 architecture:
          Size/MD5 checksum:  1238442 f9775d2fcc46ae522190ce5511db57b5
          Size/MD5 checksum:   440760 9fc329b722ebed929d86ae1e27bb8a09
      PowerPC architecture:
          Size/MD5 checksum:  1374446 9254327f6a928efb9fe19423cccf850e
          Size/MD5 checksum:   546390 6b2b210be9b8b145867533c33328bfe9
      Sun Sparc architecture:
          Size/MD5 checksum:  1377964 a31c87ca024f352a02a0a66626cf9216
          Size/MD5 checksum:   528902 7cec4b7d84cc36c10c75f9345a8a8970
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
      Source archives:
          Size/MD5 checksum:      827 b07cbb9042fbdd71cbf407dd6ecdebfd
          Size/MD5 checksum:    52566 dd15ba981be495155400c3ef4688e4bd
          Size/MD5 checksum:  2533621 79431ff0880e7317049045981fac8adc
      Alpha architecture:
          Size/MD5 checksum:  1762768 bcf23496f3142d461bab8e9571f6ff5f
          Size/MD5 checksum:   196178 bdb8338578c89040035252c8e3598012
          Size/MD5 checksum:   654190 dd17cbcd957fa60c62eff6f74a3de7a7
          Size/MD5 checksum:   615898 cec7b443b8b96aca4825a3d03eb3d362
      ARM architecture:
          Size/MD5 checksum:  1592266 24975a31357e95e496376e042ec54189
          Size/MD5 checksum:   196188 beb55cb8d06b200e40f8ebb277b946fb
          Size/MD5 checksum:   522312 69708abc715673b19b73d60993cef7fa
          Size/MD5 checksum:   494728 594696946be3bce333b1d7f34fe675d9
      Intel IA-32 architecture:
          Size/MD5 checksum:  1467032 92d7bae58665df7d494d40437c730849
          Size/MD5 checksum:   196182 9be1fc9a26ba1acbf8dd9aec524795a9
          Size/MD5 checksum:   424724 eb87262649962e1dec16a3e31e4326f2
          Size/MD5 checksum:   399470 f4de847829ab7f2c3c1cbac2b27b954d
      Intel IA-64 architecture:
          Size/MD5 checksum:  2053932 87b3e753582605c792fe2dc055f918f2
          Size/MD5 checksum:   196176 ea0edfdd1ac7c407da49ba026caa32f8
          Size/MD5 checksum:   897404 2bbb6b80230c8039b62680456c508555
          Size/MD5 checksum:   848754 2b239c4c383c666f13844aa54e123d2e
      HP Precision architecture:
          Size/MD5 checksum:  1744986 772b93bf7f7c2e6ba3d90f114750ceeb
          Size/MD5 checksum:   196178 b37d796acca2abc1abd54ab3e14d41a6
          Size/MD5 checksum:   647490 c8cfc04f5b0cb0840b336cb9ba892431
          Size/MD5 checksum:   613858 14d127dc0bccb3463c6a24f13e7effe1
      Motorola 680x0 architecture:
          Size/MD5 checksum:  1433828 65977e6e7bbbefbc233d2355939ded16
          Size/MD5 checksum:   196198 751bf1fb26b5934563d6442ea2a0367c
          Size/MD5 checksum:   391890 d3ad291d22f599081d2c99445c1f8d28
          Size/MD5 checksum:   366952 941ce99a34d200d1fec02df761f58e80
      Big endian MIPS architecture:
          Size/MD5 checksum:  1634450 1e81f00257a111aa71aaa906c6bd126b
          Size/MD5 checksum:   196182 b0bc131fade3f708dda4c24871f1c149
          Size/MD5 checksum:   577348 f096553053955f27a9a932c5ab62b319
          Size/MD5 checksum:   546220 901ca4a9015457d979c1516e2be8bf0b
      Little endian MIPS architecture:
          Size/MD5 checksum:  1634336 71c0bd90ad7300b165ffd886f1da9ae6
          Size/MD5 checksum:   196188 ecf836f7c50b30d6791fd4209eac6d74
          Size/MD5 checksum:   576110 4740f8ce0df5f38a7d359a6cb5d25d03
          Size/MD5 checksum:   545824 cd9fd89bc340475b14b4967f2bc38746
      PowerPC architecture:
          Size/MD5 checksum:  1606938 f1ecbc2af55e9d5f50534fd8a1276864
          Size/MD5 checksum:   196178 fd445c5121bb7d880f045b7ad77ec572
          Size/MD5 checksum:   534520 d4a05d08a6b8e2ec40d642994fff0b87
          Size/MD5 checksum:   506680 4e2f2a32e1417fab76b2dd028ffa42d7
      IBM S/390 architecture:
          Size/MD5 checksum:  1551494 bad3049b49862b96144249f5e28a1a56
          Size/MD5 checksum:   196172 bff4b6c07fd2527a302ebd12319c1969
          Size/MD5 checksum:   492848 c380131ac044f0a558be9294c12de09b
          Size/MD5 checksum:   465254 4f1d52f85920776dca6943c3f497c006
      Sun Sparc architecture:
          Size/MD5 checksum:  1619738 fc77f331f59403bd4d6c99f40a8d6736
          Size/MD5 checksum:   196180 07f9cf646c35fa15044931e5c5b1295e
          Size/MD5 checksum:   508480 a1cc7e17a32fccb090fb6f68225bcdd1
          Size/MD5 checksum:   479924 d80452a69cb7cd36d12d9b7b86ead700
      These files will probably be moved into the stable distribution on
      its next revision.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and

    LinuxSecurity Poll

    Do you feel that the Lawful Access to Encrypted Data Act, which aims to force encryption backdoors, is a threat to US citizens' privacy?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"106","title":"Yes - I am a privacy advocate and I am strongly opposed to this bill.","votes":"23","type":"x","order":"1","pct":95.83,"resources":[]},{"id":"107","title":"I'm undecided - it has its pros and cons.","votes":"1","type":"x","order":"2","pct":4.17,"resources":[]},{"id":"108","title":"No - I support this bill and feel that it will help protect against crime and threats to our national security. ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200


    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.