CVE-2006-6811

KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a buffer overflow.
References
Link Resource
http://osvdb.org/33443 Broken Link
http://security.gentoo.org/glsa/glsa-200701-26.xml Third Party Advisory
http://securitytracker.com/id?1017453 Broken Link Third Party Advisory VDB Entry
http://www.addict3d.org/index.php?page=viewarticle&trace=0&type=security&ID=8468 Broken Link
http://www.kde.org/info/security/advisory-20070109-1.txt Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:009 Broken Link
http://www.securityfocus.com/archive/1/456379/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/21790 Broken Link Exploit Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-409-1 Third Party Advisory
http://www.vupen.com/english/advisories/2006/5199 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/31134 Third Party Advisory VDB Entry
https://issues.rpath.com/browse/RPL-922 Broken Link
https://www.exploit-db.com/exploits/3023 Exploit Third Party Advisory VDB Entry
http://osvdb.org/33443 Broken Link
http://security.gentoo.org/glsa/glsa-200701-26.xml Third Party Advisory
http://securitytracker.com/id?1017453 Broken Link Third Party Advisory VDB Entry
http://www.addict3d.org/index.php?page=viewarticle&trace=0&type=security&ID=8468 Broken Link
http://www.kde.org/info/security/advisory-20070109-1.txt Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:009 Broken Link
http://www.securityfocus.com/archive/1/456379/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/21790 Broken Link Exploit Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-409-1 Third Party Advisory
http://www.vupen.com/english/advisories/2006/5199 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/31134 Third Party Advisory VDB Entry
https://issues.rpath.com/browse/RPL-922 Broken Link
https://www.exploit-db.com/exploits/3023 Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:kde:ksirc:1.3.12:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*

History

21 Nov 2024, 00:23

Type Values Removed Values Added
References () http://osvdb.org/33443 - Broken Link () http://osvdb.org/33443 - Broken Link
References () http://security.gentoo.org/glsa/glsa-200701-26.xml - Third Party Advisory () http://security.gentoo.org/glsa/glsa-200701-26.xml - Third Party Advisory
References () http://securitytracker.com/id?1017453 - Broken Link, Third Party Advisory, VDB Entry () http://securitytracker.com/id?1017453 - Broken Link, Third Party Advisory, VDB Entry
References () http://www.addict3d.org/index.php?page=viewarticle&trace=0&type=security&ID=8468 - Broken Link () http://www.addict3d.org/index.php?page=viewarticle&trace=0&type=security&ID=8468 - Broken Link
References () http://www.kde.org/info/security/advisory-20070109-1.txt - Third Party Advisory () http://www.kde.org/info/security/advisory-20070109-1.txt - Third Party Advisory
References () http://www.mandriva.com/security/advisories?name=MDKSA-2007:009 - Broken Link () http://www.mandriva.com/security/advisories?name=MDKSA-2007:009 - Broken Link
References () http://www.securityfocus.com/archive/1/456379/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/archive/1/456379/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/21790 - Broken Link, Exploit, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/21790 - Broken Link, Exploit, Third Party Advisory, VDB Entry
References () http://www.ubuntu.com/usn/usn-409-1 - Third Party Advisory () http://www.ubuntu.com/usn/usn-409-1 - Third Party Advisory
References () http://www.vupen.com/english/advisories/2006/5199 - Broken Link () http://www.vupen.com/english/advisories/2006/5199 - Broken Link
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/31134 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/31134 - Third Party Advisory, VDB Entry
References () https://issues.rpath.com/browse/RPL-922 - Broken Link () https://issues.rpath.com/browse/RPL-922 - Broken Link
References () https://www.exploit-db.com/exploits/3023 - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/3023 - Exploit, Third Party Advisory, VDB Entry

08 Feb 2024, 02:22

Type Values Removed Values Added
References (OSVDB) http://osvdb.org/33443 - (OSVDB) http://osvdb.org/33443 - Broken Link
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/31134 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/31134 - Third Party Advisory, VDB Entry
References (MISC) http://www.addict3d.org/index.php?page=viewarticle&trace=0&type=security&ID=8468 - (MISC) http://www.addict3d.org/index.php?page=viewarticle&trace=0&type=security&ID=8468 - Broken Link
References (CONFIRM) http://www.kde.org/info/security/advisory-20070109-1.txt - (CONFIRM) http://www.kde.org/info/security/advisory-20070109-1.txt - Third Party Advisory
References (SECTRACK) http://securitytracker.com/id?1017453 - (SECTRACK) http://securitytracker.com/id?1017453 - Broken Link, Third Party Advisory, VDB Entry
References (BUGTRAQ) http://www.securityfocus.com/archive/1/456379/100/0/threaded - (BUGTRAQ) http://www.securityfocus.com/archive/1/456379/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References (CONFIRM) https://issues.rpath.com/browse/RPL-922 - (CONFIRM) https://issues.rpath.com/browse/RPL-922 - Broken Link
References (BID) http://www.securityfocus.com/bid/21790 - Exploit (BID) http://www.securityfocus.com/bid/21790 - Broken Link, Exploit, Third Party Advisory, VDB Entry
References (UBUNTU) http://www.ubuntu.com/usn/usn-409-1 - (UBUNTU) http://www.ubuntu.com/usn/usn-409-1 - Third Party Advisory
References (GENTOO) http://security.gentoo.org/glsa/glsa-200701-26.xml - (GENTOO) http://security.gentoo.org/glsa/glsa-200701-26.xml - Third Party Advisory
References (VUPEN) http://www.vupen.com/english/advisories/2006/5199 - (VUPEN) http://www.vupen.com/english/advisories/2006/5199 - Broken Link
References (EXPLOIT-DB) https://www.exploit-db.com/exploits/3023 - (EXPLOIT-DB) https://www.exploit-db.com/exploits/3023 - Exploit, Third Party Advisory, VDB Entry
References (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDKSA-2007:009 - (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDKSA-2007:009 - Broken Link
CPE cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
First Time Canonical
Canonical ubuntu Linux
CWE NVD-CWE-Other CWE-617
CVSS v2 : 4.3
v3 : unknown
v2 : 4.3
v3 : 6.5

Information

Published : 2006-12-29 11:28

Updated : 2024-11-21 00:23


NVD link : CVE-2006-6811

Mitre link : CVE-2006-6811

CVE.ORG link : CVE-2006-6811


JSON object : View

Products Affected

kde

  • ksirc

canonical

  • ubuntu_linux
CWE
CWE-617

Reachable Assertion