Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : irssi vulnerabilities (USN-3317-1)
Medium Nessus Plugin ID 100755
SynopsisThe remote Ubuntu host is missing a security-related patch.
DescriptionIt was discovered that Irssi incorrectly handled certain DCC messages.
A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-9468)
Joseph Bisch discovered that Irssi incorrectly handled receiving incorrectly quoted DCC files. A remote attacker could possibly use this issue to cause Irssi to crash, resulting in a denial of service.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected irssi package.