Bug 559382 (CVE-2009-4016, CVE-2010-0300) - CVE-2009-4016 CVE-2010-0300 ircd-{hybrid,ratbox}: multiple vulnerabilities
Summary: CVE-2009-4016 CVE-2010-0300 ircd-{hybrid,ratbox}: multiple vulnerabilities
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2009-4016, CVE-2010-0300
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
urgent
urgent
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL: http://web.nvd.nist.gov/view/vuln/det...
Whiteboard:
Depends On: 559383 559384
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-01-27 23:28 UTC by Vincent Danen
Modified: 2019-09-29 12:34 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-06-17 19:20:44 UTC


Attachments (Terms of Use)
patch from Debian to correct CVE-2009-4016 (255 bytes, patch)
2010-01-27 23:30 UTC, Vincent Danen
no flags Details | Diff
patch from Debian to correct CVE-2010-0300 (1.56 KB, patch)
2010-01-27 23:31 UTC, Vincent Danen
no flags Details | Diff

Description Vincent Danen 2010-01-27 23:28:29 UTC
Two vulnerabilities were reported in ircd-hybrid, ircd-ratbox, and oftc-hybrid.  The first is an integer overflow that can lead to a denial of service or, possibly, the execution of arbitrary code on the ircd server (CVE-2009-4016 (patch [1])), the second is a NULL pointer dereference that can lead to a denial of service of the ircd server (CVE-2010-0300 (patch [2])).

This has been corrected in upstream ircd-ratbox 2.2.9 [3].  CVE-2010-0300 may be ircd-ratbox specific, however CVE-2009-4016 affects both ircd servers.

[1] http://ircd.ratbox.org/cgi-bin/index.cgi/ircd-ratbox/branches/RATBOX_3_0/src/cache.c?r1=26334&r2=26732
[2] http://trac.oftc.net/projects/oftc-hybrid/changeset/1062
[3] http://lists.ratbox.org/pipermail/ircd-ratbox/2010-January/000891.html

This issue would affect Fedora 11, 12, and rawhide, as well as EPEL 4 and 5.

Comment 1 Vincent Danen 2010-01-27 23:30:50 UTC
Created attachment 387193 [details]
patch from Debian to correct CVE-2009-4016

Comment 2 Vincent Danen 2010-01-27 23:31:27 UTC
Created attachment 387195 [details]
patch from Debian to correct CVE-2010-0300

Comment 5 Vincent Danen 2010-01-27 23:43:55 UTC
Upstream opted to remove the vulnerable clean_string() function in ircd-hybrid:

http://svn.ircd-hybrid.org:8000/viewcvs.cgi?rev=1044&view=rev

Comment 6 Jan Lieskovsky 2010-02-04 16:37:04 UTC
Eric, Marek,

  any update with scheduling Fedora-* ircd-{hybrid,ratbox} updates?

Thanks, Jan.

Comment 7 Eric Tanguy 2010-02-04 16:51:14 UTC
Sorry but i have orphaned ircd-hybrid.
Eric

Comment 8 Rakesh Pandit 2010-05-29 04:44:16 UTC
I am looking into it.

Comment 9 Fedora Update System 2010-05-29 06:16:24 UTC
ircd-hybrid-7.2.3-11.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/ircd-hybrid-7.2.3-11.fc12

Comment 10 Fedora Update System 2010-06-08 19:30:35 UTC
ircd-ratbox-2.2.8-7.fc12, ircd-hybrid-7.2.3-11.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.