Ubuntu USN-800-1 (irssi) Network Vulnerability

Summary

The remote host is missing an update to irssi announced via advisory USN-800-1.

Solution

The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: irssi 0.8.10-1ubuntu1.1 Ubuntu 8.04 LTS: irssi 0.8.12-3ubuntu3.1 Ubuntu 8.10: irssi 0.8.12-4ubuntu2.1 Ubuntu 9.04: irssi 0.8.12-6ubuntu1.1 After a standard system upgrade you need to restart irssi to effect the necessary changes. https://secure1.securityspace.com/smysecure/catid.html?in=USN-800-1

Insight

It was discovered that irssi did not properly check the length of strings when processing WALLOPS messages. If a user connected to an IRC network where an attacker had IRC operator privileges, a remote attacker could cause a denial of service.

Severity

Classification

CVE CVE-2009-1959

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Ubuntu Update for dovecot USN-1143-1
Ubuntu Update for apport USN-1668-1
Ubuntu Update for cups USN-2144-1
Ubuntu Update for apt USN-2246-1
Ubuntu Update for aptdaemon USN-1414-1

Take action and discover your vulnerabilities