ID CVE-2017-10966
Summary An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi could incorrectly use the GHashTable interface and free the nick while updating it. This would then result in use-after-free conditions on each access of the hash table.
References
Vulnerable Configurations
  • Irssi 1.0.3
    cpe:2.3:a:irssi:irssi:1.0.3
CVSS
Base: 7.5
Impact:
Exploitability:
CWE CWE-416
CAPEC
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_31001C6B63E711E785AAA4BADB2F4699.NASL
    description irssi reports : When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. While updating the internal nick list, Irssi may incorrectly use the GHashTable interface and free the nick while updating it. This will then result in use-after-free conditions on each access of the hash table.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 101330
    published 2017-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101330
    title FreeBSD : irssi -- multiple vulnerabilities (31001c6b-63e7-11e7-85aa-a4badb2f4699)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-1089.NASL
    description Some Irssi issues were found : CVE-2017-10965 An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. CVE-2017-10966 An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi could incorrectly use the GHashTable interface and free the nick while updating it. This would then result in use-after-free conditions on each access of the hash table. For Debian 7 'Wheezy', these problems have been fixed in version 0.8.15-5+deb7u3. We recommend that you upgrade your irssi packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-09
    plugin id 102962
    published 2017-09-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102962
    title Debian DLA-1089-1 : irssi security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-90AD72E684.NASL
    description This is an update fixing CVE-2017-10965 and CVE-2017-10966. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-02
    plugin id 102396
    published 2017-08-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102396
    title Fedora 25 : irssi (2017-90ad72e684)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2017-190-01.NASL
    description New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
    last seen 2018-09-01
    modified 2018-01-26
    plugin id 101317
    published 2017-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101317
    title Slackware 14.0 / 14.1 / 14.2 / current : irssi (SSA:2017-190-01)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-114E1ABF9D.NASL
    description This is an update fixing CVE-2017-10965 and CVE-2017-10966. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-01
    plugin id 101825
    published 2017-07-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101825
    title Fedora 26 : irssi (2017-114e1abf9d)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3465-1.NASL
    description Brian Carpenter discovered that Irssi incorrectly handled messages with invalid time stamps. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-10965) Brian Carpenter discovered that Irssi incorrectly handled the internal nick list. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-10966) Joseph Bisch discovered that Irssi incorrectly removed destroyed channels from the query list. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-15227) Hanno Bock discovered that Irssi incorrectly handled themes. If a user were tricked into using a malicious theme, an attacker could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-15228) Joseph Bisch discovered that Irssi incorrectly handled certain DCC CTCP messages. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-15721) Joseph Bisch discovered that Irssi incorrectly handled certain channel IDs. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-15722) Joseph Bisch discovered that Irssi incorrectly handled certain long nicks or targets. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-15723). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 104212
    published 2017-10-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=104212
    title Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : irssi vulnerabilities (USN-3465-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-4016.NASL
    description Multiple vulnerabilities have been discovered in Irssi, a terminal based IRC client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2017-10965 Brian 'geeknik' Carpenter of Geeknik Labs discovered that Irssi does not properly handle receiving messages with invalid time stamps. A malicious IRC server can take advantage of this flaw to cause Irssi to crash, resulting in a denial of service. - CVE-2017-10966 Brian 'geeknik' Carpenter of Geeknik Labs discovered that Irssi is susceptible to a use-after-free flaw triggered while updating the internal nick list. A malicious IRC server can take advantage of this flaw to cause Irssi to crash, resulting in a denial of service. - CVE-2017-15227 Joseph Bisch discovered that while waiting for the channel synchronisation, Irssi may incorrectly fail to remove destroyed channels from the query list, resulting in use after free conditions when updating the state later on. A malicious IRC server can take advantage of this flaw to cause Irssi to crash, resulting in a denial of service. - CVE-2017-15228 Hanno Boeck reported that Irssi does not properly handle installing themes with unterminated colour formatting sequences, leading to a denial of service if a user is tricked into installing a specially crafted theme. - CVE-2017-15721 Joseph Bisch discovered that Irssi does not properly handle incorrectly formatted DCC CTCP messages. A remote attacker can take advantage of this flaw to cause Irssi to crash, resulting in a denial of service. - CVE-2017-15722 Joseph Bisch discovered that Irssi does not properly verify Safe channel IDs. A malicious IRC server can take advantage of this flaw to cause Irssi to crash, resulting in a denial of service. - CVE-2017-15723 Joseph Bisch reported that Irssi does not properly handle overlong nicks or targets resulting in a NULL pointer dereference when splitting the message and leading to a denial of service.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 104400
    published 2017-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=104400
    title Debian DSA-4016-1 : irssi - security update
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-797.NASL
    description This update for irssi to version fixes the following issues : - CVE-2017-10965: A malicious server could cause irssi to crash by providing an invalid timestamp - CVE-2017-10966: Undefined behavior may be triggered when irssi updates the internal nick list A number of minor upstream bug fixes are also included.
    last seen 2019-02-21
    modified 2018-01-26
    plugin id 101347
    published 2017-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101347
    title openSUSE Security Update : irssi (openSUSE-2017-797)
refmap via4
confirm
debian DSA-4016
Last major update 07-07-2017 - 10:29
Published 07-07-2017 - 10:29
Last modified 04-11-2017 - 21:29