kvirc (2:3.2.4-5ubuntu2) gutsy; urgency=low
* SECURITY UPDATE: parseIrcUrl() do not properly sanitize parts of the URI
when building the command for KVIrc's internet script system. This can
be exploited to inject and execute commands for the KVIrc script system
(including the "run" command, which can be leveraged to execute shell
commands) by e.g. tricking a user into opening a specially crafted
"irc://" or similar URI.
* Add debian/patches/10_parseIrcUrl_security_fix.patch: properly sanitizes
URI strings, as done in upstream SVN. (Fixes LP: #123037)
* References:
- http://www.kvirc.net/?id=news&story=2007.06.29.22.00.1.story&dir=latest
- http://secunia.com/secunia_research/2007-56/advisory/
- http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2951
- https://svn.kvirc.de/kvirc/changeset/630/#file3 (fix to kvi_ircurl.cpp)
* Add debian/control: Debian Maintainer Field
-- [EMAIL PROTECTED] (Richard A. Johnson) Mon, 02 Jul 2007
13:16:11 -0500
--
KVIrc irc:// URI Handler Command Execution Vulnerability
https://bugs.launchpad.net/bugs/123037
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
