oss-sec mailing list archives

Re: Charybdis: Improper assumptions in the server handshake code may lead to a remote crash

From: Henri Salo <henri () nerv fi>
Date: Wed, 2 Jan 2013 20:09:18 +0200

On Tue, Jan 01, 2013 at 12:07:39AM -0700, Kurt Seifried wrote:

Please use CVE-2012-6084 for this issue.

Same as http://seclists.org/oss-sec/2012/q4/545


ShadowIRCd before 6.3.3 is also affected.

https://github.com/shadowircd/shadowircd

commit 806af85d265673e599e91f1e0d364845b66ee82d
Author: Joah <Joah () AlphaChat net>
Date:   Mon Dec 31 14:49:19 2012 -0500

    Ported m_capab Crash Exploit Fix from charybdis
    
    Ported the fix from charybdis to ShadowIRCd.

- Henri Salo

Current thread:

Re: Charybdis: Improper assumptions in the server handshake code may lead to a remote crash Henri Salo (Jan 02)