Debian: bitchx multiple vulnerabilities

    Date19 May 2003
    CategoryDebian
    3072
    Posted ByLinuxSecurity Advisories
    Timo Sirainen discovered several overflow problems in BitchX.
    
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 306-1                     This email address is being protected from spambots. You need JavaScript enabled to view it. 
    http://www.debian.org/security/                             Martin Schulze
    May 19th, 2003                           http://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : ircii-pana
    Vulnerability  : buffer overflows, integer overflow
    Problem-Type   : remote
    Debian-specific: no
    
    Timo Sirainen discovered several problems in BitchX, a popular client
    for Internet Relay Chat (IRC).  A malicious server could craft special
    reply strings, triggering the client to write beyond buffer boundaries
    or allocate a negative amount of memory.  This could lead to a denial
    of service if the client only crashes, but may also lead to executing
    of arbitrary code under the user id of the chatting user.
    
    For the stable distribution (woody) these problems have been fixed in
    version 1.0-0c19-1.1.
    
    For the old stable distribution (potato) these problems have been
    fixed in version 1.0-0c16-2.1.
    
    For the unstable distribution (sid) these problems have been fixed in
    version 1.0-0c19-8.
    
    We recommend that you upgrade your BitchX package.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 2.2 alias potato
    - ---------------------------------
    
      Source archives:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/ircii-pana_1.0-0c16-2.1.dsc
          Size/MD5 checksum:      742 65eef951e5eae0c78e118cdc61933ec4
         http://security.debian.org/pool/updates/main/i/ircii-pana/ircii-pana_1.0-0c16-2.1.diff.gz
          Size/MD5 checksum:    38034 7b8484b1ce2450ec0c783647024ee5e7
         http://security.debian.org/pool/updates/main/i/ircii-pana/ircii-pana_1.0-0c16.orig.tar.gz
          Size/MD5 checksum:  1831273 225135d5f90bf03a1ec820f804d818d2
    
      Alpha architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c16-2.1_alpha.deb
          Size/MD5 checksum:  1545022 19e78356e1fe5e65ac8619eed95e4552
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c16-2.1_alpha.deb
          Size/MD5 checksum:   687910 e3cae02b856e5a184939d7b1b90e2c0a
    
      ARM architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c16-2.1_arm.deb
          Size/MD5 checksum:  1354470 eea63662c3e6143af1c97ca402600197
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c16-2.1_arm.deb
          Size/MD5 checksum:   527998 a82f08fad8990c5c9df6cb51bf64a60b
    
      Intel IA-32 architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c16-2.1_i386.deb
          Size/MD5 checksum:  1276648 cebb488e14882b504b309ef9a6a19016
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c16-2.1_i386.deb
          Size/MD5 checksum:   477004 bd56978d20cc2bd2ca35880e7c86626a
    
      Motorola 680x0 architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c16-2.1_m68k.deb
          Size/MD5 checksum:  1238442 f9775d2fcc46ae522190ce5511db57b5
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c16-2.1_m68k.deb
          Size/MD5 checksum:   440760 9fc329b722ebed929d86ae1e27bb8a09
    
      PowerPC architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c16-2.1_powerpc.deb
          Size/MD5 checksum:  1374446 9254327f6a928efb9fe19423cccf850e
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c16-2.1_powerpc.deb
          Size/MD5 checksum:   546390 6b2b210be9b8b145867533c33328bfe9
    
      Sun Sparc architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c16-2.1_sparc.deb
          Size/MD5 checksum:  1377964 a31c87ca024f352a02a0a66626cf9216
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c16-2.1_sparc.deb
          Size/MD5 checksum:   528902 7cec4b7d84cc36c10c75f9345a8a8970
    
    
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
    
      Source archives:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/ircii-pana_1.0-0c19-1.1.dsc
          Size/MD5 checksum:      827 b07cbb9042fbdd71cbf407dd6ecdebfd
         http://security.debian.org/pool/updates/main/i/ircii-pana/ircii-pana_1.0-0c19-1.1.diff.gz
          Size/MD5 checksum:    52566 dd15ba981be495155400c3ef4688e4bd
         http://security.debian.org/pool/updates/main/i/ircii-pana/ircii-pana_1.0-0c19.orig.tar.gz
          Size/MD5 checksum:  2533621 79431ff0880e7317049045981fac8adc
    
      Alpha architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c19-1.1_alpha.deb
          Size/MD5 checksum:  1762768 bcf23496f3142d461bab8e9571f6ff5f
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-dev_1.0-0c19-1.1_alpha.deb
          Size/MD5 checksum:   196178 bdb8338578c89040035252c8e3598012
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c19-1.1_alpha.deb
          Size/MD5 checksum:   654190 dd17cbcd957fa60c62eff6f74a3de7a7
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-ssl_1.0-0c19-1.1_alpha.deb
          Size/MD5 checksum:   615898 cec7b443b8b96aca4825a3d03eb3d362
    
      ARM architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c19-1.1_arm.deb
          Size/MD5 checksum:  1592266 24975a31357e95e496376e042ec54189
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-dev_1.0-0c19-1.1_arm.deb
          Size/MD5 checksum:   196188 beb55cb8d06b200e40f8ebb277b946fb
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c19-1.1_arm.deb
          Size/MD5 checksum:   522312 69708abc715673b19b73d60993cef7fa
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-ssl_1.0-0c19-1.1_arm.deb
          Size/MD5 checksum:   494728 594696946be3bce333b1d7f34fe675d9
    
      Intel IA-32 architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c19-1.1_i386.deb
          Size/MD5 checksum:  1467032 92d7bae58665df7d494d40437c730849
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-dev_1.0-0c19-1.1_i386.deb
          Size/MD5 checksum:   196182 9be1fc9a26ba1acbf8dd9aec524795a9
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c19-1.1_i386.deb
    
          Size/MD5 checksum:   424724 eb87262649962e1dec16a3e31e4326f2
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-ssl_1.0-0c19-1.1_i386.deb
          Size/MD5 checksum:   399470 f4de847829ab7f2c3c1cbac2b27b954d
    
      Intel IA-64 architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c19-1.1_ia64.deb
          Size/MD5 checksum:  2053932 87b3e753582605c792fe2dc055f918f2
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-dev_1.0-0c19-1.1_ia64.deb
          Size/MD5 checksum:   196176 ea0edfdd1ac7c407da49ba026caa32f8
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c19-1.1_ia64.deb
          Size/MD5 checksum:   897404 2bbb6b80230c8039b62680456c508555
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-ssl_1.0-0c19-1.1_ia64.deb
          Size/MD5 checksum:   848754 2b239c4c383c666f13844aa54e123d2e
    
      HP Precision architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c19-1.1_hppa.deb
          Size/MD5 checksum:  1744986 772b93bf7f7c2e6ba3d90f114750ceeb
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-dev_1.0-0c19-1.1_hppa.deb
          Size/MD5 checksum:   196178 b37d796acca2abc1abd54ab3e14d41a6
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c19-1.1_hppa.deb
          Size/MD5 checksum:   647490 c8cfc04f5b0cb0840b336cb9ba892431
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-ssl_1.0-0c19-1.1_hppa.deb
          Size/MD5 checksum:   613858 14d127dc0bccb3463c6a24f13e7effe1
    
      Motorola 680x0 architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c19-1.1_m68k.deb
          Size/MD5 checksum:  1433828 65977e6e7bbbefbc233d2355939ded16
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-dev_1.0-0c19-1.1_m68k.deb
          Size/MD5 checksum:   196198 751bf1fb26b5934563d6442ea2a0367c
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c19-1.1_m68k.deb
          Size/MD5 checksum:   391890 d3ad291d22f599081d2c99445c1f8d28
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-ssl_1.0-0c19-1.1_m68k.deb
          Size/MD5 checksum:   366952 941ce99a34d200d1fec02df761f58e80
    
      Big endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c19-1.1_mips.deb
          Size/MD5 checksum:  1634450 1e81f00257a111aa71aaa906c6bd126b
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-dev_1.0-0c19-1.1_mips.deb
          Size/MD5 checksum:   196182 b0bc131fade3f708dda4c24871f1c149
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c19-1.1_mips.deb
          Size/MD5 checksum:   577348 f096553053955f27a9a932c5ab62b319
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-ssl_1.0-0c19-1.1_mips.deb
          Size/MD5 checksum:   546220 901ca4a9015457d979c1516e2be8bf0b
    
      Little endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c19-1.1_mipsel.deb
          Size/MD5 checksum:  1634336 71c0bd90ad7300b165ffd886f1da9ae6
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-dev_1.0-0c19-1.1_mipsel.deb
          Size/MD5 checksum:   196188 ecf836f7c50b30d6791fd4209eac6d74
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c19-1.1_mipsel.deb
          Size/MD5 checksum:   576110 4740f8ce0df5f38a7d359a6cb5d25d03
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-ssl_1.0-0c19-1.1_mipsel.deb
          Size/MD5 checksum:   545824 cd9fd89bc340475b14b4967f2bc38746
    
      PowerPC architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c19-1.1_powerpc.deb
          Size/MD5 checksum:  1606938 f1ecbc2af55e9d5f50534fd8a1276864
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-dev_1.0-0c19-1.1_powerpc.deb
          Size/MD5 checksum:   196178 fd445c5121bb7d880f045b7ad77ec572
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c19-1.1_powerpc.deb
          Size/MD5 checksum:   534520 d4a05d08a6b8e2ec40d642994fff0b87
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-ssl_1.0-0c19-1.1_powerpc.deb
          Size/MD5 checksum:   506680 4e2f2a32e1417fab76b2dd028ffa42d7
    
      IBM S/390 architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c19-1.1_s390.deb
          Size/MD5 checksum:  1551494 bad3049b49862b96144249f5e28a1a56
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-dev_1.0-0c19-1.1_s390.deb
          Size/MD5 checksum:   196172 bff4b6c07fd2527a302ebd12319c1969
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c19-1.1_s390.deb
          Size/MD5 checksum:   492848 c380131ac044f0a558be9294c12de09b
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-ssl_1.0-0c19-1.1_s390.deb
          Size/MD5 checksum:   465254 4f1d52f85920776dca6943c3f497c006
    
      Sun Sparc architecture:
    
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx_1.0-0c19-1.1_sparc.deb
          Size/MD5 checksum:  1619738 fc77f331f59403bd4d6c99f40a8d6736
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-dev_1.0-0c19-1.1_sparc.deb
          Size/MD5 checksum:   196180 07f9cf646c35fa15044931e5c5b1295e
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-gtk_1.0-0c19-1.1_sparc.deb
          Size/MD5 checksum:   508480 a1cc7e17a32fccb090fb6f68225bcdd1
         http://security.debian.org/pool/updates/main/i/ircii-pana/bitchx-ssl_1.0-0c19-1.1_sparc.deb
          Size/MD5 checksum:   479924 d80452a69cb7cd36d12d9b7b86ead700
    
    
      These files will probably be moved into the stable distribution on
      its next revision.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb  http://security.debian.org/ stable/updates main
    For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and  http://packages.debian.org/
    
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"24","type":"x","order":"1","pct":54.55,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":11.36,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"15","type":"x","order":"3","pct":34.09,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.