Published: 22/10/2017 Updated: 14/03/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

In certain cases, Irssi prior to 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string.

Vulnerable Product	Search on Vulmon	Subscribe to Product
irssi irssi
debian debian linux 7.0
debian debian linux 8.0
debian debian linux 9.0

Several security issues were fixed in Irssi ...

Multiple vulnerabilities have been discovered in Irssi, a terminal based IRC client The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-10965 Brian geeknik Carpenter of Geeknik Labs discovered that Irssi does not properly handle receiving messages with invalid time stamps A malicious IRC serve ...

Debian Bug report logs - #890674 irssi: CVE-2018-7054 Package: src:irssi; Maintainer for src:irssi is Rhonda D'Vine <rhonda@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 17 Feb 2018 15:45:05 UTC Severity: important Tags: patch, security, upstream Found in version irssi/100-1 Fixed i ...

Debian Bug report logs - #886475 irssi: CVE-2018-5205 CVE-2018-5206 CVE-2018-5207 CVE-2018-5208 Package: src:irssi; Maintainer for src:irssi is Rhonda D'Vine <rhonda@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 6 Jan 2018 14:42:02 UTC Severity: important Tags: fixed-upstream, patch, ...

Debian Bug report logs - #879521 irssi: multiple vulnerabilities fixed in irssi 105 Package: src:irssi; Maintainer for src:irssi is Rhonda D'Vine <rhonda@debianorg>; Reported by: Yves-Alexis Perez <corsac@debianorg> Date: Sun, 22 Oct 2017 15:27:02 UTC Severity: grave Tags: fixed-upstream, security, upstream Foun ...

Debian Bug report logs - #890678 irssi: CVE-2018-7050 Package: src:irssi; Maintainer for src:irssi is Rhonda D'Vine <rhonda@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 17 Feb 2018 15:48:05 UTC Severity: important Tags: patch, security, upstream Found in version irssi/0817-1 Fixed ...

Debian Bug report logs - #890677 irssi: CVE-2018-7051 Package: src:irssi; Maintainer for src:irssi is Rhonda D'Vine <rhonda@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 17 Feb 2018 15:48:02 UTC Severity: important Tags: patch, security, upstream Found in version irssi/0817-1 Fixed ...

Debian Bug report logs - #890676 irssi: CVE-2018-7052 Package: src:irssi; Maintainer for src:irssi is Rhonda D'Vine <rhonda@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 17 Feb 2018 15:45:11 UTC Severity: important Tags: patch, security, upstream Found in version irssi/0817-1 Fixed ...

In certain cases, Irssi before 105 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string ...

In certain cases Irssi may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string To be exploited, this issue requires a broken IRCd or control over the IRCd ...

CWE-125 https://irssi.org/security/irssi_sa_2017_10.txt http://openwall.com/lists/oss-security/2017/10/22/4 https://www.debian.org/security/2017/dsa-4016 https://lists.debian.org/debian-lts-announce/2017/12/msg00022.html https://usn.ubuntu.com/3465-1/https://nvd.nist.gov

Get Started

CVE-2017-15722

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect