Launchpad CVE tracker

CVE 2009-1959

Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow.

Related bugs and status

CVE-2009-1959 (Candidate) is related to these bugs:

Bug #389748: Please merge irssi_0.8.13-2(main) from debian unstable

Summary				In	Importance	Status
	389748	Please merge irssi_0.8.13-2(main) from debian unstable		irssi (Ubuntu)	Undecided	Fix Released

Bug #589209: Please merge irssi 0.8.15-1 (main) from Debian unstable (main)

Summary				In	Importance	Status
	589209	Please merge irssi 0.8.15-1 (main) from Debian unstable (main)		irssi (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2009052...
MISC: http://xorl.wordpress....
CONFIRM: http://www.irssi.org/C...
MANDRIVA: MDVSA-2009:133
SECTRACK: 1022410
VUPEN: ADV-2009-1596
BID: 35399
SUSE: SUSE-SR:2009:012
UBUNTU: USN-800-1
SECUNIA: 35685
SECUNIA: 35812
FEDORA: FEDORA-2009-7012
SECUNIA: 36152
CONFIRM: http://bugs.irssi.org/...
XF: irssi-eventwallops-dos...

Launchpad.net

CVE 2009-1959

Related bugs and status

Related bugs

References