Advisories MDVSA-2009:234-2: silc-toolkit

[paul]

Multiple vulnerabilities was discovered and corrected in silc-toolkit:

 

Multiple format string vulnerabilities in lib/silcclient/client_entry.c

in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and

SILC Client before 1.1.8, allow remote attackers to execute arbitrary

code via format string specifiers in a nickname field, related to the

(1) silc_client_add_client, (2) silc_client_update_client, and (3)

silc_client_nickname_format functions (CVE-2009-3051).

 

The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in

Secure Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows

remote attackers to overwrite a stack location and possibly execute

arbitrary code via a crafted OID value, related to incorrect use of

a %lu format string (CVE-2008-7159).

 

The silc_http_server_parse function in lib/silchttp/silchttpserver.c in

the internal HTTP server in silcd in Secure Internet Live Conferencing

(SILC) Toolkit before 1.1.9 allows remote attackers to overwrite

a stack location and possibly execute arbitrary code via a crafted

Content-Length header, related to incorrect use of a %lu format string

(CVE-2008-7160).

 

Multiple format string vulnerabilities in lib/silcclient/command.c

in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10,

and SILC Client 1.1.8 and earlier, allow remote attackers to execute

arbitrary code via format string specifiers in a channel name, related

to (1) silc_client_command_topic, (2) silc_client_command_kick,

(3) silc_client_command_leave, and (4) silc_client_command_users

(CVE-2009-3163).

 

This update provides a solution to these vulnerabilities.

 

Update:

 

Packages for MES5 was not provided previousely, this update addresses

this problem.

 

Packages for 2008.0 are being provided due to extended support for

Corporate products.