Mandriva Linux Security Advisory : ircd-hybrid (MDVSA-2013:093)

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

Updated ircd-hybrid packages fix security vulnerability :

Bob Nomnomnom reported a Denial of Service vulnerability in
IRCD-Hybrid, an Internet Relay Chat server. A remote attacker may use
an error in the masks validation and crash the server (CVE-2013-0238).

Please note that due to the previously suboptimal nature of the
sysvinit script, systemd systems would not correctly detect the daemon
process as running and thus could not stop the service. As a result,
you may have to manually kill the process and start the service after
upgrading (i.e. killall ircd-hybrid; systemctl start
ircd-hybrid.service).

Solution :

Update the affected ircd-hybrid and / or ircd-hybrid-devel packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 66105 ()

Bugtraq ID: 57610

CVE ID: CVE-2013-0238

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now