FreeBSD : irssi -- remote DoS (165e8951-4be0-11e7-a539-0050569f7e80)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Joseph Bisch reports :

When receiving a DCC message without source nick/host, Irssi would
attempt to dereference a NULL pointer.

When receiving certain incorrectly quoted DCC files, Irssi would try
to find the terminating quote one byte before the allocated memory.

See also :

https://irssi.org/security/irssi_sa_2017_06.txt
http://www.nessus.org/u?20aac993

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 100674 ()

Bugtraq ID:

CVE ID: CVE-2017-9468
CVE-2017-9469

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now