SILC: Multiple vulnerabilities
Multiple vulnerabilities were found in SILC Client, Server, and Toolkit,
allowing for Denial of Service and execution of arbitrary code.
silc-toolkit silc-client silc-server
2008-04-24
2008-04-24
212362
214116
214812
remote
1.1.7
1.1.7
1.1.4
1.1.4
1.1.2
1.1.2
SILC (Secure Internet Live Conferencing protocol) Toolkit is a software
development kit for use in clients, SILC Server is a communication
server, and SILC Client is an IRSSI-based text client.
- Nathan G. Grennan reported a boundary error in SILC Toolkit
within the silc_fingerprint() function in the file
lib/silcutil/silcutil.c when passing overly long data, resulting in a
stack-based buffer overflow (CVE-2008-1227).
- A vulnerability
has been reported in SILC Server which is caused due to an error in the
handling of "NEW_CLIENT" packets that do not contain a nickname
(CVE-2008-1429).
- Ariel Waissbein, Pedro Varangot, Martin
Mizrahi, Oren Isacson, Carlos Garcia, and Ivan Arce of Core Security
Technologies reported that SILC Client, Server, and Toolkit contain a
vulnerability in the silc_pkcs1_decode() function in the silccrypt
library (silcpkcs1.c), resulting in an integer underflow, signedness
error, and a buffer overflow (CVE-2008-1552).
A remote attacker could exploit these vulnerabilities to cause a Denial
of Service or execute arbitrary code with the privileges of the user
running the application.
There is no known workaround at this time.
All SILC Toolkit users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-im/silc-toolkit-1.1.7"
All SILC Client users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-im/silc-client-1.1.4"
All SILC Server users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-im/silc-server-1.1.2"
CVE-2008-1227
CVE-2008-1429
CVE-2008-1552
rbu
rbu
keytoaster