Red Hat Linux 6.2 Security Advisory

Back to Security Advisories

Package ircii Synopsis ircii buffer overflow Advisory ID RHSA-2000:008-01 Issue Date 2000-03-29 Updated On 2000-03-30 Product Red Hat Linux Keywords ircii 4.4M buffer dcc 1. Topic: A buffer overflow exists in ircii. 2. Problem description: A buffer overflow exists in ircii's dcc chat capability. An attacker could use this overflow to execute code as the user of ircii. 3. Bug IDs fixed: (see bugzilla for more information) 10339 - ircii overflow bug. please upgrade ircii. again. 4. Relevant releases/architectures: Red Hat Linux 4.2 - i386 alpha sparc Red Hat Linux 5.2 - i386 alpha sparc Red Hat Linux 6.0 - i386 alpha sparc Red Hat Linux 6.1 - i386 alpha sparc Red Hat Linux 6.2 - i386 sparc 5. Obsoleted by: None 6. Conflicts with: None 7. RPMs required: Intel: ftp://updates.redhat.com/6.2/en/os/i386/ ircii-4.4M-1.i386.rpm SPARC: ftp://updates.redhat.com/6.2/en/os/sparc ircii-4.4M-1.sparc.rpm Source: ftp://updates.redhat.com/6.2/en/os/SRPMS ircii-4.4M-1.src.rpm 8. Solution: For each RPM for your particular architecture, run: rpm -Uvh filename where filename is the name of the RPM. 9. Verification: MD5 sum Package Name ------------------------------------------------------------------------- e44491fe29858c1884196a0cd40fc60d 6.2/en/os/i386/ircii-4.4M-1.i386.rpm a759d5ea66514b4e12e59a8c173d65d9 6.2/en/os/sparc/ircii-4.4M-1.sparc.rpm 95c765b3fb7c76dc7d2de1fe1853e3ca 6.2/en/os/SRPMS/ircii-4.4M-1.src.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: http://www.redhat.com/about/contact.html You can verify each package with the following command: rpm --checksig filename If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg filename Note that you need RPM >= 3.0 to check GnuPG keys. 10. References: http://www.securityfocus.com/vdb/bottom.html?vid=1046