Ubuntu Local Security Checks : Ubuntu Update for irssi USN-3465-1

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.843350

Kategorie: Ubuntu Local Security Checks

Titel: Ubuntu Update for irssi USN-3465-1

Zusammenfassung: The remote host is missing an update for the 'irssi'; package(s) announced via the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'irssi'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Brian Carpenter discovered that Irssi
incorrectly handled messages with invalid time stamps. A malicious IRC server
could use this issue to cause Irssi to crash, resulting in a denial of service.
(CVE-2017-10965) Brian Carpenter discovered that Irssi incorrectly handled the
internal nick list. A malicious IRC server could use this issue to cause Irssi
to crash, resulting in a denial of service. (CVE-2017-10966) Joseph Bisch
discovered that Irssi incorrectly removed destroyed channels from the query
list. A malicious IRC server could use this issue to cause Irssi to crash,
resulting in a denial of service. (CVE-2017-15227) Hanno Bck discovered that
Irssi incorrectly handled themes. If a user were tricked into using a malicious
theme, an attacker could use this issue to cause Irssi to crash, resulting in a
denial of service. (CVE-2017-15228) Joseph Bisch discovered that Irssi
incorrectly handled certain DCC CTCP messages. A malicious IRC server could use
this issue to cause Irssi to crash, resulting in a denial of service.
(CVE-2017-15721) Joseph Bisch discovered that Irssi incorrectly handled certain
channel IDs. A malicious IRC server could use this issue to cause Irssi to
crash, resulting in a denial of service. (CVE-2017-15722) Joseph Bisch
discovered that Irssi incorrectly handled certain long nicks or targets. A
malicious IRC server could use this issue to cause Irssi to crash, resulting in
a denial of service. (CVE-2017-15723)

Affected Software/OS:
irssi on Ubuntu 17.04,
Ubuntu 16.04 LTS,
Ubuntu 14.04 LTS

Solution:
Please Install the Updated Packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-10965
Common Vulnerability Exposure (CVE) ID: CVE-2017-10966
Common Vulnerability Exposure (CVE) ID: CVE-2017-15227
Common Vulnerability Exposure (CVE) ID: CVE-2017-15228
Common Vulnerability Exposure (CVE) ID: CVE-2017-15721
Common Vulnerability Exposure (CVE) ID: CVE-2017-15722
Common Vulnerability Exposure (CVE) ID: CVE-2017-15723

Copyright Copyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.843350
Kategorie:	Ubuntu Local Security Checks
Titel:	Ubuntu Update for irssi USN-3465-1
Zusammenfassung:	The remote host is missing an update for the 'irssi'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'irssi' package(s) announced via the referenced advisory. Vulnerability Insight: Brian Carpenter discovered that Irssi incorrectly handled messages with invalid time stamps. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-10965) Brian Carpenter discovered that Irssi incorrectly handled the internal nick list. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-10966) Joseph Bisch discovered that Irssi incorrectly removed destroyed channels from the query list. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-15227) Hanno Bck discovered that Irssi incorrectly handled themes. If a user were tricked into using a malicious theme, an attacker could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-15228) Joseph Bisch discovered that Irssi incorrectly handled certain DCC CTCP messages. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-15721) Joseph Bisch discovered that Irssi incorrectly handled certain channel IDs. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-15722) Joseph Bisch discovered that Irssi incorrectly handled certain long nicks or targets. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-15723) Affected Software/OS: irssi on Ubuntu 17.04, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-10965 Common Vulnerability Exposure (CVE) ID: CVE-2017-10966 Common Vulnerability Exposure (CVE) ID: CVE-2017-15227 Common Vulnerability Exposure (CVE) ID: CVE-2017-15228 Common Vulnerability Exposure (CVE) ID: CVE-2017-15721 Common Vulnerability Exposure (CVE) ID: CVE-2017-15722 Common Vulnerability Exposure (CVE) ID: CVE-2017-15723
Copyright	Copyright (C) 2017 Greenbone Networks GmbH