Advertisement

Latest News

[ Windows | Linux | Apple ]

· OCZ Vertex 450 Series Solid State Drives announced
· NVIDIA GeForce GTX 780 Reviews Roundup
· Apple's 'iWatch' to come in late 2014 with focus on biometrics, analyst says
· Windows 8.1 laptops with AMDs new chips to support wireless display
· HP $399 touchscreen laptop breaks price barrier
· What's Wrong with the Xbox One? and more
· Microsoft updates its YouTube Windows Phone app with some concessions to Google
· 3 Debian Updates
· The third screen: Will all Windows 8 apps run on Microsoft's Xbox One?
· CentOS-6.4 LiveCD and LiveDVD for i386 and x86_64 released

Upcoming News

· AMD Kabini Mainstream APU Notebook Platform Preview @ Legit Reviews
· OCZ Vertex 450 Solid State Drive Review
· [CentOS-announce] CEBA-2013:0858 CentOS 6 coreutils Update
· ZOTAC GeForce GTX 780 Graphics Card Video Review with Stuart Davidson @ HardwareHeaven.com
· [Tech ARP] The NVIDIA GeForce GTX 780 Tech Report
· Gigabyte GeForce GTX 780 WindForce 3x OC review
· Noctua Fans Review @ ThinkComputers.org
· [RHSA-2013:0849-01] Important: KVM image security update
· NVIDIA GeForce GTX 780 Review @ HotHardware.com
· OCZ Vertex 450 256GB SSD Review @ Legit Reviews

Linux Compatibility

· Dell Dimension 9100
· CL-CAM50001 UPC=3700284609322
· DFE 520 TX
· nVidia GeForce4 MX 440
· Gore: Ultimate Soldier
· SMC2802W V2 wi-fi 54Mbps PCI card
· Wireless modem router N300
· Dell P780
· ASUS A7V8X
· BricsCAD for Linux

New Forum Topics

· shutdown link ?
by: estirwent
on: 2013-05-11 17:46
18 replies, 6456 views

· Laptop keyboard drank soda
by: Zenn
on: 2013-04-30 00:27
1 replies, 699 views

· connecting to to internet with ubuntu
by: Zenn
on: 2013-04-30 00:26
2 replies, 4568 views

· Need Linux-compatible PS/2 expansion card
by: Zenn
on: 2013-04-30 00:26
1 replies, 770 views

· irql_not_less_or_equal blue screen
by: Zenn
on: 2013-04-30 00:25
2 replies, 1149 views

News Channels

· Drivers
· Guides
· Reviews
· Security
· Software
· Press Release
· Updates
· Interviews
· Linux
· General
· Debian
· Red Hat
· Slackware
· Gentoo
· Mandriva
· White Box
· SUSE
· GNOME
· KDE
· CentOS
· Ubuntu
· MEPIS
· Android

What's New

Login to see an overview of all news stories since your last visit.

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

ksirc Denial of Service vulnerability

Posted by Philipp Esselbach on: 01/10/2007 12:58 PM [ Print | 0 comment(s) ]

KDE Security Advisory: ksirc denial of service vulnerability
Original Release Date: 2007-01-09
URL: http://www.kde.org/info/security/advisory-20070109-1.txt

0. References

CVE-2006-6811
http://www.milw0rm.com/exploits/3023
http://www.securityfocus.com/bid/21790

1. Systems affected:

ksirc as shipped with KDE 3.5.5 or older. KDE 3.5.6 and newer is not affected.

2. Overview:

On 2006-12-27, a proof of concept for arbitrary code execution in ksirc was published by Federico L. Bossi Bonin. The published exploit triggers an assertion in ksirc and results in a NULL pointer dereference (crash) for non-debug builds.

3. Impact:

A malicious IRC server can crash the ksirc client. No arbitrary code execution is possible by this vulnerability.

4. Solution:

Source code patches have been made available which fix these vulnerabilities. Contact your OS vendor / binary package provider for information about how to obtain updated binary packages.

5. Patch:

A patch for KDE 3.5.5 is available from
ftp://ftp.kde.org/pub/kde/security_patches :

72897a581daa9f71bdf61238f4c3e693 post-3.5.5-kdenetwork-ksirc.diff

All products mentioned are registered trademarks or trademarks of their respective owners.
© 2002-2013 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Powered by Contentteller® Business Edition