[MBT] new entry in pkg epic4 "Possibly buffer overflows?"
bugs at pld.org.pl
bugs at pld.org.pl
Wed May 14 17:48:14 CEST 2003
Date: 2003-05-14 17:48:14+02 Author: (kreutzm) <kreutzm at itp.uni-hannover.de>
Title: Possibly buffer overflows?
Ticket ID: #646
Ticket URL: http://bugs.pld.org.pl/?bug=646
Package: epic4-1:1.0.1-5
Distribution: PLD-1.0.main
Category: security problem
Current state: opened
Text:
This is no confirmed, see DSA 298-1:
Timo Sirainen discovered several problems in EPIC4, a popular client for Internet Relay Chat (IRC). A malicious server could craft special reply strings, triggering the client to write beyond buffer boundaries. This could lead to a denial of service if the client only crashes, but may also lead to executing of arbitrary code under the user id of the chatting user.
*** State changed to 'opened'
More information about the pld-bugs
mailing list