Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-10189

Опубликовано: 14 мар. 2017
Источник: debian

Описание

BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
bitlbeefixed3.5-1package

Примечания

  • https://bugs.bitlbee.org/ticket/1282

  • Fixed by: https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f (3.5)

  • https://www.openwall.com/lists/oss-security/2017/01/30/4

  • When fixing this CVE make sure to apply as well

  • https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441

  • to not open CVE-2017-5668

Связанные уязвимости

ubuntu логотип

CVE-2016-10189

CVSS3: 7.5
ubuntu
почти 9 лет назад

BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list.

nvd логотип

CVE-2016-10189

CVSS3: 7.5
nvd
почти 9 лет назад

BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list.

suse-cvrf логотип

openSUSE-SU-2017:0669-1

suse-cvrf
почти 9 лет назад

Security update for bitlbee

github логотип

GHSA-f3fv-7pqw-59cx

CVSS3: 7.5
github
больше 3 лет назад

BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list.