Bug 609143 (CVE-2010-2451, CVE-2010-2452)

Summary: CVE-2010-2451 CVE-2010-2452 KVIrc: Directory traversal and arbitrary code execution via specially-crafted DCC protocol messages
Product: [Other] Security Response Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED UPSTREAM QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: alekcejk
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-06-10 10:57:03 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 609147    
Bug Blocks:    

Description Jan Lieskovsky 2010-06-29 14:04:25 UTC 
Multiple format string flaws were found in the way, KVIrc IRC client
processed certain Direct Client-to-Client (DCC) messages. A remote,
authenticated IRC user, could send a specially-crafted DCC message
to local KVIrc client, potentially leading to arbitrary code execution
with the privileges of the user running KVIrc, CVE-2010-2451.

A directory traversal flaw was found in the way, KVIrc IRC client
processed certain Direct Client-to-Client (DCC) messages. A remote,
authenticated IRC user, could send a specially-crafted DCC message
to local KVIrc client. This could allow an attacker to alter
integrity (overwrite) of some system files, CVE-2010-2452.

References:
  [1] http://lists.omnikron.net/pipermail/kvirc/2010-May/000867.html
  [2] http://www.debian.org/security/2010/dsa-2065
  [3] http://www.securityfocus.com/bid/40746
  [4] http://bugs.gentoo.org/show_bug.cgi?id=326149

Upstream patch:
  [5] https://svn.kvirc.de/kvirc/changeset/4317
Comment 1 Jan Lieskovsky 2010-06-29 14:07:19 UTC 
These flaws affect the versions of the kvirc package,
as present in the Fedora-12 and Fedora-13 -testing
repository (kvirc-4.0.0-1.fc12, kvirc-4.0.0-1.fc13).

Patch from [5] seems to be applicable to above versions.
Please fix.
Comment 2 Jan Lieskovsky 2010-06-29 14:10:48 UTC 
Created kvirc tracking bugs for this issue

Affects: fedora-all [bug 609147]
Comment 3 nucleo 2010-06-29 17:10:26 UTC 
(In reply to comment #1)
> These flaws affect the versions of the kvirc package,
> as present in the Fedora-12 and Fedora-13 -testing
> repository (kvirc-4.0.0-1.fc12, kvirc-4.0.0-1.fc13).
> 
> Patch from [5] seems to be applicable to above versions.
> Please fix.    

kvirc-4.0.0-1.fc12 and kvirc-4.0.0-1.fc13 built using r4541, so changes from https://svn.kvirc.de/kvirc/changeset/4317 are already applied.

Are you sure that kvirc in F12,F13 updates-testing are affected?
Comment 4 Fedora Update System 2010-06-29 21:05:25 UTC 
kvirc-4.0.0-1.fc13 has been submitted as an update for Fedora 13.
http://admin.fedoraproject.org/updates/kvirc-4.0.0-1.fc13
Comment 5 Fedora Update System 2010-06-29 21:06:33 UTC 
kvirc-4.0.0-1.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/kvirc-4.0.0-1.fc12
Comment 6 Fedora Update System 2010-06-30 15:11:30 UTC 
kvirc-4.0.0-1.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 7 Fedora Update System 2010-06-30 15:19:01 UTC 
kvirc-4.0.0-1.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 8 Product Security DevOps Team 2019-06-10 10:57:03 UTC 
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.