Nom du paquet
eggdrop
Date
2007-09-06
Advisory ID
MDKSA-2007:175
Affected versions
2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , CS3.0 x86_64 , CS3.0 i586 , 2007.1 x86_64

Problem description

A stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop
1.6.18, and possibly earlier, allows user-assisted, malicious remote
IRC servers to execute arbitrary code via a long private message.

Updated packages fix this issue.

Updated packages

2007.0 x86_64

 dbe358c197ea69243ea96536814b089c  2007.0/x86_64/eggdrop-1.6.17-3.1mdv2007.0.x86_64.rpm 
 0b8dab3bb20fa77b8110fba70c0cf42d  2007.0/SRPMS/eggdrop-1.6.17-3.1mdv2007.0.src.rpm

2007.1 i586

 a56c9816445a5b4967d03d144aade848  2007.1/i586/eggdrop-1.6.17-3.1mdv2007.1.i586.rpm 
 d8eb704c902f6118cec187ec6cd67bae  2007.1/SRPMS/eggdrop-1.6.17-3.1mdv2007.1.src.rpm

2007.0 i586

 42c9df2265dca3aa08ac313581d2f79e  2007.0/i586/eggdrop-1.6.17-3.1mdv2007.0.i586.rpm 
 0b8dab3bb20fa77b8110fba70c0cf42d  2007.0/SRPMS/eggdrop-1.6.17-3.1mdv2007.0.src.rpm

CS3.0 x86_64

 6913fb0a2f783d2614f34883e40d7664  corporate/3.0/x86_64/eggdrop-1.6.15-3.1.C30mdk.x86_64.rpm 
 aa1cb17308f08bec5f524d41495e5fc9  corporate/3.0/SRPMS/eggdrop-1.6.15-3.1.C30mdk.src.rpm

CS3.0 i586

 885019e8d2f6b0cfb9de05156d64444e  corporate/3.0/i586/eggdrop-1.6.15-3.1.C30mdk.i586.rpm 
 aa1cb17308f08bec5f524d41495e5fc9  corporate/3.0/SRPMS/eggdrop-1.6.15-3.1.C30mdk.src.rpm

2007.1 x86_64

 69824e4cf05c6aaed125d3ce5b035d49  2007.1/x86_64/eggdrop-1.6.17-3.1mdv2007.1.x86_64.rpm 
 d8eb704c902f6118cec187ec6cd67bae  2007.1/SRPMS/eggdrop-1.6.17-3.1mdv2007.1.src.rpm

References