Re: CVE Request: Charybdis and ircd-ratbox remote crash flaw

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/31/2012 11:34 PM, Huzaifa Sidhpurwala wrote:
> Hi All,
>
> Saw this report about Charybdis and ircd-ratbox remote crash flaw
> at:
>
> http://rabbit.dereferenced.org/~nenolod/ASA-2012-12-31.txt 
> http://tech.slashdot.org/story/12/12/31/2241229/efnet-paralyzed-by-vulnerability
>
>  Researcher advisory suggests both the products are affected.
>
> Sadly i could not get the contact details of either of the
> products to copy on this email.
>
> Should we be assigning CVEs to these issues?

Please use CVE-2012-6084 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQ4om3AAoJEBYNRVNeJnmTJ2sQAMWeu0rAxwKD77SLyVtwurt+
cJ1DFrRcBrqMVRWiJOB9MsyaCUyts5JNUlL2lU4k/F4k4j3byi7V1iT/cvcTkqjZ
E1lK7cBaErAODGunysmccTxA6of7QEL5HNpW8M+R9YGoicdjODm1Cst7eAdkhubm
eP3HklZ0PgCPqUee9/OIHRf10BVfM4hVl6oRupj7Q6eIRBy6spYEY9ICdDbwKRFZ
sxZMKhyWijJGAfXcTNeElJX29/QvYfz0HzuArO3yF0wVwHJzU0YM4fVMcbCnGoP+
5Iwc1AW1XW81EMROAbopdXnfN8jMtklBydE1r0tbxcAWifK9Qhhi4T+odZUmHd5p
DPzJh2dSBKeVnivjp5qwxwtmHPOEn+qEwCXVPRkBVcoDa5zuU83v3Lo1QIbGyhvV
XGzwEG/1nuUzDdZ/SkWNH9RDhScZqfwGFnJmLIl5W3CR5IoaJBgimmjNgfsmnkfj
/ay4unm0TvGGhW2OZ/AneBaSYeZwy7ogZ3WmWO53xnnINYYgVFuTCyvTcsoWPsEe
r4oOyc2j5b3GFWktlJtJplb6YyrfXAgRFPGN9/Lv+XzKKo/AcfJQ8lUv/Lwk8Hxf
TkNmwPGB+MkEcn3zFEn9eN7O/qUVyr/w4kQnK0TbJYTfLXRCVxqDH0FtkOflyhe3
NSS3xHWlFvz+K97EcW/s
=FWwE
-----END PGP SIGNATURE-----