GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Sun May 18, 2014 7:26 pm Post subject: [ GLSA 201405-21 ] Charybdis, ShadowIRCd: Denial of Service |
 |
|
Gentoo Linux Security Advisory
Title: Charybdis, ShadowIRCd: Denial of Service (GLSA 201405-21)
Severity: normal
Exploitable: remote
Date: May 18, 2014
Bug(s): #449544, #449790
ID: 201405-21
Synopsis
A vulnerability has been found in Charybdis and ShadowIRCd,
possibly resulting in remote Denial of Service.
Background
Charybdis is the Atheme Project’s IRC daemon based on ratbox.
ShadowIRCd is an IRC daemon based on Charybdis that adds several useful
features.
Affected Packages
Package: net-irc/charybdis
Vulnerable: < 3.4.2
Unaffected: >= 3.4.2
Architectures: All supported architectures
Package: net-irc/shadowircd
Vulnerable: < 6.3.3
Unaffected: >= 6.3.3
Architectures: All supported architectures
Description
A vulnerability has been discovered in Charybdis and ShadowIRCd. Please
review the CVE identifier referenced below for details.
Impact
A remote attacker may be able to cause a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Charybdis users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-irc/charybdis-3.4.2"
|
All ShadowIRCd users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-irc/shadowircd-6.3.3"
|
References
CVE-2012-6084 |
|
News & Announcements
