BitchX Remote Send_CTCP() Memory Corruption Vulnerability

Solution:
Slackware has released an advisory (SSA:2003-141-02) and fixes. Information about obtaining and applying fixes are available in the referenced advisory.

Debian has released an advisory (DSA 306-1). Information about obtaining and applying fixes are available in the referenced advisory.

Gentoo has released bitchx-1.0.19-r5 which addresses this issue. Users are advised to upgrade by performing the following commands:

emerge sync
emerge bitchx
emerge clean

An unofficial and untested patch has been released by caf@guarana.org.

It has been reported that these issues have been addressed in the current cvs tree.


BitchX IRC Client 1.0 c19

BitchX IRC Client 1.0 c16


 

Privacy Statement
Copyright 2010, SecurityFocus