oss-security September 2010 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: Re: [oss-security] CVE Request -- Bip -- Remote Do

Re: [oss-security] CVE Request -- Bip -- Remote Dos (crash) by exchanging user credentials

From: Josh Bressers <bressers_at_nospam>
Date: Tue Sep 07 2010 - 18:44:36 GMT
To: oss-security@lists.openwall.com

Please use CVE-2010-3071

Thanks.

-- JB ----- "Jan Lieskovsky" <jlieskov@redhat.com> wrote: > Hello Steve, vendors, > > A denial of service flaw was found in the way Bip IRC Bouncer > exchanged user credentials by initiating the IRC protocol session. > A remote, unauthenticated user could send a specially crafted > connection request, leading to bip daemon crash (NULL pointer > dereference) > > References: > [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595409 > [2] https://bugzilla.redhat.com/show_bug.cgi?id=630437 > > Could you allocate CVE id for this one? > > Thanks && Regards, Jan. > -- > Jan iankko Lieskovsky / Red Hat Security Response Team