Advertisement

Latest News

[ Windows | Linux | Apple ]

· Daily Reviews Summary 05/25/12
· CompatDB Updates 05/25/12
· Rumor: Microsoft Office coming to iPad, Android in November
· Microsoft clarifies Ballmer's claims of massive Windows 8 adoption
· DSA 2480-1: request-tracker3.8 security update
· CentOS 6 NTP Server
· Daily Reviews Summary 05/24/12
· Bayan Audio - Bayan 7 iPod Speaker Dock Review
· Installing Nginx With PHP5 (And PHP-FPM) And MySQL Support (LEMP) On Ubuntu 12.04 LTS
· Ubuntu 12.04 + Nvidia - Heavy CPU usage

Upcoming News

· Thermaltake ToughPower Grand 850W Power Supply Review @ Rbmods
· Cooler Master Silent Pro Gold 1200-watt Power Supply Review
· Wine release 1.5.5
· OC3D: BitFenix Prodigy Review
· [Tech ARP] The New x264 HD Benchmark 5.0 Is Here!
· re: Diablo III Reviewed: Blizzard's Brilliant, Blundering Wreck
· Corsair Vengeance C70 Case Review @ Hardware Secrets
· Diablo III Reviewed: Blizzard's Brilliant, Blundering Wreck
· Samsung Green DDR3 8GB 1600mhz 30nm Memory review
· Withings Wi-Fi Body Scale Review @ TestFreaks

Linux Compatibility

· Canon Canoscan N650U
· TB-5300 Slimline Design Tablet
· HANDYCAM DCR-HC17E
· Linksys Wireless-G WPC54G PC-Card
· XPS L502X
· Slim Portable DVD Writer GP10
· AverTV Volar Green HD
· Dell Latitude E6420
· Canon CanoScan FB 636U
· Logitech QuickCam Pro 4000

New Forum Topics

· present.However after the Kou
by: Thomasxpp
on: 2012-05-26 02:12
0 replies, 0 views

· business, hand over to Ji
by: Thomasxpp
on: 2012-05-26 02:09
0 replies, 0 views

· a war in the outside and quells
by: Thomasxpp
on: 2012-05-26 02:06
0 replies, 0 views

· This among them the
by: Thomasxpp
on: 2012-05-26 02:02
0 replies, 0 views

· USB Not detected on any PC
by: AntNik45
on: 2012-05-09 18:37
0 replies, 0 views

News Channels

· Drivers
· Guides
· Reviews
· Security
· Software
· Press Release
· Updates
· Interviews
· Linux
· General
· Debian
· Red Hat
· Slackware
· Gentoo
· Mandriva
· White Box
· SUSE
· GNOME
· KDE
· CentOS
· Ubuntu
· MEPIS
· Android

What's New

Login to see an overview of all news stories since your last visit.

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

ksirc Denial of Service vulnerability

Posted by Philipp Esselbach on: 01/10/2007 12:58 PM [ Print | 0 comment(s) ]

KDE Security Advisory: ksirc denial of service vulnerability
Original Release Date: 2007-01-09
URL: http://www.kde.org/info/security/advisory-20070109-1.txt

0. References

CVE-2006-6811
http://www.milw0rm.com/exploits/3023
http://www.securityfocus.com/bid/21790

1. Systems affected:

ksirc as shipped with KDE 3.5.5 or older. KDE 3.5.6 and newer is not affected.

2. Overview:

On 2006-12-27, a proof of concept for arbitrary code execution in ksirc was published by Federico L. Bossi Bonin. The published exploit triggers an assertion in ksirc and results in a NULL pointer dereference (crash) for non-debug builds.

3. Impact:

A malicious IRC server can crash the ksirc client. No arbitrary code execution is possible by this vulnerability.

4. Solution:

Source code patches have been made available which fix these vulnerabilities. Contact your OS vendor / binary package provider for information about how to obtain updated binary packages.

5. Patch:

A patch for KDE 3.5.5 is available from
ftp://ftp.kde.org/pub/kde/security_patches :

72897a581daa9f71bdf61238f4c3e693 post-3.5.5-kdenetwork-ksirc.diff

All products mentioned are registered trademarks or trademarks of their respective owners.
© 2002-2011 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Powered by Contentteller® Business Edition