漏洞信息详情
ngIRCd PART Command Parsing服务拒绝漏洞
- CNNVD编号:CNNVD-200801-212
- 危害等级: 中危
- CVE编号: CVE-2008-0285
- 漏洞类型: 设计错误
- 发布时间: 2008-01-15
- 威胁类型: 远程
- 更新时间: 2008-09-05
- 厂 商: ngircd
- 漏洞来源: The vendor reporte...
漏洞简介
0.10.4以前的ngIRCd 0.10.x以及0.110~pre 2以前的0.11.0存在拒绝服务漏洞。远程攻击者可以利用激活无效的IRC PART信息,制造拒绝服务。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
ngIRCd ngIRCd 0.11-pre2
ngIRCd ngIRCd 0.11.0.tar.gz
ftp://ftp.berliOS.de/pub/ngircd/
ngIRCd ngIRCd 0.10.2
ngIRCd ngIRCd 0.10.4.tar.gz
ftp://ngircd.barton.de/pub/ngircd/
ngIRCd ngIRCd 0.10.3
ngIRCd ngIRCd 0.10.4.tar.gz
ftp://ngircd.barton.de/pub/ngircd/
ngIRCd ngIRCd 0.6
ngIRCd ngIRCd 0.10.4.tar.gz
ftp://ngircd.barton.de/pub/ngircd/
ngIRCd ngIRCd 0.6.1
ngIRCd ngIRCd 0.10.4.tar.gz
ftp://ngircd.barton.de/pub/ngircd/
ngIRCd ngIRCd 0.7
ngIRCd ngIRCd 0.10.4.tar.gz
ftp://ngircd.barton.de/pub/ngircd/
ngIRCd ngIRCd 0.7.1
ngIRCd ngIRCd 0.10.4.tar.gz
ftp://ngircd.barton.de/pub/ngircd/
ngIRCd ngIRCd 0.7.5
ngIRCd ngIRCd 0.10.4.tar.gz
ftp://ngircd.barton.de/pub/ngircd/
ngIRCd ngIRCd 0.7.6
ngIRCd ngIRCd 0.10.4.tar.gz
ftp://ngircd.barton.de/pub/ngircd/
ngIRCd ngIRCd 0.7.7
ngIRCd ngIRCd 0.10.4.tar.gz
ftp://ngircd.barton.de/pub/ngircd/
ngIRCd ngIRCd 0.8
ngIRCd ngIRCd 0.10.4.tar.gz
ftp://ngircd.barton.de/pub/ngircd/
ngIRCd ngIRCd 0.8.1
ngIRCd ngIRCd 0.10.4.tar.gz
ftp://ngircd.barton.de/pub/ngircd/
ngIRCd ngIRCd 0.8.2
ngIRCd ngIRCd 0.10.4.tar.gz
ftp://ngircd.barton.de/pub/ngircd/
参考网址
来源: ngircd.barton.de
链接:http://ngircd.barton.de/doc/ChangeLog
来源: bugs.gentoo.org
链接:http://bugs.gentoo.org/show_bug.cgi?id=204834
来源: MISC
链接:http://arthur.barton.de/cgi-bin/viewcvs.cgi/ngircd/ngircd/src/ngircd/irc-channel.c?r1=1.40&r2=1.41&diff_format=h
来源: BID
名称: 27318
链接:http://www.securityfocus.com/bid/27318
来源: GENTOO
名称: GLSA-200801-13
链接:http://security.gentoo.org/glsa/glsa-200801-13.xml
来源: SECUNIA
名称: 28673
链接:http://secunia.com/advisories/28673
来源: SECUNIA
名称: 28425
链接:http://secunia.com/advisories/28425
受影响实体
- Ngircd Ngircd:0.11.0-Pre1
- Ngircd Ngircd:0.10.3
补丁
暂无
评论