FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

dircproxy -- remote denial of service

Affected packages
dircproxy < 1.0.5_1
dircproxy-devel < 1.2.0.b2_1

Details

VuXML ID a1ef3fc0-8ad0-11dc-9490-0016179b2dd5
Discovery 2006-09-06
Entry 2007-11-04
Modified 2008-01-31

Securiweb reports:

dircproxy allows remote attackers to cause a denial of service (segmentation fault) via an ACTION command without a parameter, which triggers a NULL pointer dereference, as demonstrated using a blank /me message from irssi.

References

CVE Name CVE-2007-5226
URL http://dircproxy.securiweb.net/ticket/89
URL https://bugzilla.redhat.com/show_bug.cgi?id=319301