Bug 20788

Summary: CVE-2009-0661 WeeChat IRC Message Denial of Service
Product: Sisyphus Reporter: Vladimir Lettiev <crux>
Component: weechatAssignee: Alexey Gladkov <legion>
Status: CLOSED FIXED QA Contact: qa-sisyphus
Severity: blocker    
Priority: P3 CC: grenka, legion, php-coder, vvk
Version: unstableKeywords: security
Hardware: all   
OS: Linux   
URL: http://secunia.com/advisories/34304/

Description Vladimir Lettiev 2009-07-15 15:59:28 MSD 
A vulnerability has been reported in WeeChat, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the then handling of IRC messages containing certain color codes. This can be exploited to crash the application by sending specially crafted messages to a vulnerable client.

Fixed in version >= 0.2.6.1
Comment 1 Konstantin Pavlov 2009-07-15 16:05:31 MSD 
$ ssh git.alt acl sisyphus weechat show
weechat @nobody
Comment 2 Slava Semushin 2011-01-29 19:45:57 MSK 
В Сизифе 0.3.4