FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

irssi -- remote DoS

Affected packages
irssi < 1.0.3

Details

VuXML ID 165e8951-4be0-11e7-a539-0050569f7e80
Discovery 2017-06-06
Entry 2017-06-08

Joseph Bisch reports:

When receiving a DCC message without source nick/host, Irssi would attempt to dereference a NULL pointer.

When receiving certain incorrectly quoted DCC files, Irssi would try to find the terminating quote one byte before the allocated memory.

[source]

References

CVE Name CVE-2017-9468
CVE Name CVE-2017-9469
URL https://irssi.org/security/irssi_sa_2017_06.txt

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.