Detections
Analytics

FreeBSD : weechat -- Crash or freeze when decoding IRC colors in strings (e02c572f-2af0-11e2-bb44-003067b2972c)

high Nessus Plugin ID 62887

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Sebastien Helleu reports :

A buffer overflow is causing a crash or freeze of WeeChat when decoding IRC colors in strings.

Workaround for a non-patched version : /set irc.network.colors_receive off

Solution

Update the affected packages.

See Also

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=173513

https://weechat.org/doc/security/

https://savannah.nongnu.org/bugs/?37704

http://www.nessus.org/u?08582b4b

Plugin Details

Severity: High

ID: 62887

File Name: freebsd_pkg_e02c572f2af011e2bb44003067b2972c.nasl

Version: 1.9

Type: local

Published: 11/12/2012

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:weechat, p-cpe:/a:freebsd:freebsd:weechat-devel, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 11/10/2012

Vulnerability Publication Date: 11/9/2012

Reference Information

CVE: CVE-2012-5854