Gentoo Security Advisory GLSA 200411-24 (BNC) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200411-24.

Solution

All BNC users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-irc/bnc-2.9.1' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200411-24 http://bugs.gentoo.org/show_bug.cgi?id=70674 http://gotbnc.com/changes.html http://security.lss.hr/en/index.php?page=details&ID=LSS-2004-11-03

Insight

BNC contains a buffer overflow vulnerability that may lead to Denial of Service and execution of arbitrary code.

Severity

Classification

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200405-07 (Exim)
Gentoo Security Advisory GLSA 200406-14 (aspell)
Gentoo Security Advisory GLSA 200406-10 (gallery)
Gentoo Security Advisory GLSA 200311-08 (Libnids)
Gentoo Security Advisory GLSA 200310-03 (Apache)

Take action and discover your vulnerabilities