Bug#581194: libpoe-component-irc-perl: Insufficient stripping of CR/LF allows arbitrary IRC command execution
From: Debian bug <debian-bug at v.nix.is>
Date: Tue May 11 14:12:05 UTC 2010
Package: libpoe-component-irc-perl
Severity: important
Tags: patch
IRC bots which do not take care of removing carriage returns and line
feeds from parameters they send to the IRC component are vulnerable to
this security hole. For example, passing an argument of "foo bar\rQUIT"
to the 'privmsg' handler will cause the client to disconnect from the
server.

All versions of POE::Component::IRC are affected.

This has been patched upstream (relevant commits:
http://github.com/bingos/poe-component-irc/compare/d2ead04...675f55cd)
and included in the latest release (version 6.32).
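To make the failure mode concrete, here is an added illustration (not code from the bug report or from POE::Component::IRC) that frames the report's "foo bar\rQUIT" argument as a PRIVMSG line both without and with CR/LF stripping, then splits the result the way an IRC server tokenises its input stream. The framing and server-side split are simplified assumptions for demonstration only.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed argument from the report: a CR followed by a second command.
my $text = "foo bar\rQUIT";

# Vulnerable framing: the trailing parameter is copied verbatim into the
# wire line, so an embedded CR/LF terminates the message early.
sub frame_privmsg_unsafe {
    my ($target, $msg) = @_;
    return "PRIVMSG $target :$msg\r\n";
}

# Hardened framing: a single IRC message can never legitimately contain
# CR or LF, so strip them before the line is assembled.
sub frame_privmsg_safe {
    my ($target, $msg) = @_;
    $msg =~ s/[\r\n]//g;
    return "PRIVMSG $target :$msg\r\n";
}

# Emulate a lenient server that treats CR, LF or CRLF as a line terminator
# and returns the individual commands it would act on.
sub server_commands {
    my ($wire) = @_;
    return grep { length } split /\r\n|\r|\n/, $wire;
}

for my $framer (\&frame_privmsg_unsafe, \&frame_privmsg_safe) {
    my @cmds = server_commands($framer->('#chan', $text));
    print scalar(@cmds), " command(s): ", join(' | ', @cmds), "\n";
}
```

The unsafe framer yields two server-side commands, the second being the injected QUIT, while the hardened framer yields a single PRIVMSG with the control characters removed.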
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (900, 'testing'), (800, 'unstable'), (700, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32.12-x86_64-linode12 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash