FreeBSD : irssi -- use-after-free potential code execution (06f931c0-0be0-11e7-b4bf-5404a68ad561)

High Nessus Plugin ID 97807


The remote FreeBSD host is missing a security-related update.


The irssi project reports :

Use after free while producing list of netjoins (CWE-416). This issue was found and reported to us by APic. This issue usually leads to segmentation faults. Targeted code execution should be difficult.


Update the affected package.

See Also

Plugin Details

Severity: High

ID: 97807

File Name: freebsd_pkg_06f931c00be011e7b4bf5404a68ad561.nasl

Version: $Revision: 3.4 $

Type: local

Published: 2017/03/20

Modified: 2018/01/31

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P


Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:irssi, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2017/03/18

Vulnerability Publication Date: 2017/03/11

Reference Information

CVE: CVE-2017-7191