Multiple vulnerabilities in Irssi

1) NULL pointer dereference

EUVDB-ID: #VU31438

Risk: Medium

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2017-5193

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a message without a nick.

Mitigation

Update to version 0.8.21.

Vulnerable software versions

Irssi: 0.8.0 - 0.8.20

CPE2.3

• cpe:2.3:a:irssi_org:irssi:0.8.0:*:*:*:*:*:*:*
• cpe:2.3:a:irssi_org:irssi:0.8.1:*:*:*:*:*:*:*
• cpe:2.3:a:irssi_org:irssi:0.8.2:*:*:*:*:*:*:*

External links

https://www.openwall.com/lists/oss-security/2017/01/06/1
https://www.securityfocus.com/bid/95310
https://irssi.org/security/irssi_sa_2017_01.txt
https://lists.debian.org/debian-lts-announce/2017/12/msg00022.html
https://security.gentoo.org/glsa/201701-45

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU31439

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-5194

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing an invalid nick message. A remote attackers can cause a denial of service (crash).

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update to version 0.8.21.

Vulnerable software versions

Irssi: 0.8.0 - 0.8.20

CPE2.3

• cpe:2.3:a:irssi_org:irssi:0.8.0:*:*:*:*:*:*:*
• cpe:2.3:a:irssi_org:irssi:0.8.1:*:*:*:*:*:*:*
• cpe:2.3:a:irssi_org:irssi:0.8.2:*:*:*:*:*:*:*

External links

https://www.openwall.com/lists/oss-security/2017/01/06/1
https://www.securityfocus.com/bid/95310
https://irssi.org/security/irssi_sa_2017_01.txt
https://lists.debian.org/debian-lts-announce/2017/12/msg00022.html
https://security.gentoo.org/glsa/201701-45

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU31440

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2017-5195

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

Irssi 0.8.17 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ANSI x8 color code.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Irssi: 0.8.17 beta - 0.8.20

CPE2.3

• cpe:2.3:a:irssi_org:irssi:0.8.17:beta:*:*:*:*:*:*
• cpe:2.3:a:irssi_org:irssi:0.8.17:*:*:*:*:*:*:*
• cpe:2.3:a:irssi_org:irssi:0.8.18:*:*:*:*:*:*:*

External links

https://www.openwall.com/lists/oss-security/2017/01/06/1
https://www.securityfocus.com/bid/95310
https://irssi.org/security/irssi_sa_2017_01.txt
https://security.gentoo.org/glsa/201701-45

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU31441

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2017-5196

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via vectors involving strings that are not UTF8.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Irssi: 0.8.18 - 0.8.20

CPE2.3

• cpe:2.3:a:irssi_org:irssi:0.8.18:*:*:*:*:*:*:*
• cpe:2.3:a:irssi_org:irssi:0.8.19:*:*:*:*:*:*:*
• cpe:2.3:a:irssi_org:irssi:0.8.20:*:*:*:*:*:*:*

External links

https://www.openwall.com/lists/oss-security/2017/01/06/1
https://www.securityfocus.com/bid/95310
https://irssi.org/security/irssi_sa_2017_01.txt
https://security.gentoo.org/glsa/201701-45

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU31442

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2017-5356

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a string containing a formatting sequence (%[) without a closing bracket (]).

Mitigation

Install update from vendor's website.

Vulnerable software versions

Irssi: 0.8.0 - 0.8.20

CPE2.3

• cpe:2.3:a:irssi_org:irssi:0.8.0:*:*:*:*:*:*:*
• cpe:2.3:a:irssi_org:irssi:0.8.1:*:*:*:*:*:*:*
• cpe:2.3:a:irssi_org:irssi:0.8.2:*:*:*:*:*:*:*

External links

https://www.openwall.com/lists/oss-security/2017/01/12/8
https://www.openwall.com/lists/oss-security/2017/01/13/2
https://www.securityfocus.com/bid/96581
https://blog.fuzzing-project.org/55-Fuzzing-Irssi-with-Perl-Scripts.html
https://irssi.org/security/irssi_sa_2017_01.txt
https://lists.debian.org/debian-lts-announce/2017/12/msg00022.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.