Crash issue in UnrealIRCd: apply hot fix ASAP or upgrade to 4.0.11
From: Bram M. <sy...@un...> - 2017-02-10 15:19:49
Hi everyone,

UnrealIRCd versions 4.0.8 - 4.0.10 on *NIX can be crashed by a remote user. This is due to a buffer overflow issue. The issue is actually present in all UnrealIRCd versions, but because the data overflows into unused variables after the buffer, the issue previously went undetected and caused no harm. UnrealIRCd 4.0.8 and later on *NIX have additional protection enabled: these versions detect the overflow and stop execution (UnrealIRCd crashes). The Windows version does not crash.

We have released UnrealIRCd 4.0.11 which addresses this issue (among some other less serious issues, see the end of this e-mail). There is also a "hot fix" available so you can patch your server without requiring an UnrealIRCd restart. See below.

We recommend *NIX users to apply the "hot fix" as soon as possible (see below). Windows users are unaffected.

How to get the fix/patch?

On Windows there is no need to upgrade, but you can install UnrealIRCd 4.0.11. Linux/BSD/.. users can also install 4.0.11, OR you can choose to patch UnrealIRCd on-the-fly without a restart. Since the patch is usually the easiest and most user-friendly solution, we recommend it. Run the following on the IRC shell:

    wget http://www.unrealircd.org/patch/isonpatcher && sh isonpatcher

Q&A

Have there been any reports of these bugs being abused by anyone?
Not yet. But the issue is easy to trigger, so don't wait for it.

Should I upgrade?
Yes. If you are affected (see the affected versions above) then you should upgrade or install the hot fix as soon as possible.

Are there any workarounds so I don't have to upgrade?
On *NIX, use the hot fix / patch so you don't need to restart UnrealIRCd.

Can I upgrade without restarting the IRC server?
On Linux/BSD/.. yes. Run the following on the shell:

    wget http://www.unrealircd.org/patch/isonpatcher && sh isonpatcher

I don't like the patch script. How can I fix this by hand?
If, for whatever reason, you don't want to use the simple patch script from above, then you can download the .tar.gz here <https://www.unrealircd.org/patch/isonfix.tar.gz> instead. Extract it somewhere and look at the contents. Among other things it contains isonfix.patch. Apply that patch, recompile and rehash your UnrealIRCd. This is exactly the same as what the patch script would do.

How serious is this bug?
Any connected user can crash the IRCd. Only if the user cannot get on the IRCd (e.g. a password-protected hub) can they not trigger the crash.

When were these issues reported?
This issue was reported 36 hours ago. The issue was confirmed less than 24 hours ago and a fix was created today.

Updates to this advisory
This release announcement/advisory can be found here <https://forums.unrealircd.org/viewtopic.php?f=1&t=8671>. Small corrections/updates will be posted there, if any.

About the UnrealIRCd 4.0.11 release

Changes between 4.0.10 and 4.0.11:

Major issues fixed:
* Fix crash issue which can be triggered by regular users
* Fix crash if TOPIC_NICK_IS_NUHOST is enabled (rarely enabled)
* Fix crash if services send an incorrect raw command (only an issue when using faulty services or ircops playing with RAW commands)

Minor issues fixed:
* Now properly support 'z' when used in set::modes-on-join

Other changes:
* Show a warning if you don't have any SSL listeners

--
Bram Matthys
Software developer/IT con...@vu...
Website: www.vulnscan.org
PGP key: www.vulnscan.org/pubkey.asc
PGP fp: 2ABD 57FA 7783 5ADD C5EC 8ED7 DE93 B8B4 7E74 5EB3
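As an added example (not part of the advisory and not UnrealIRCd's own tooling), the following POSIX sh helper applies the version ranges stated in the advisory to a version string and OS label you supply, so an operator with many servers can sort them into "apply the hot fix", "already fixed", "Windows, unaffected" and "older, overflow latent but not detected". The version format "major.minor.patch" and the OS labels "nix"/"linux"/"bsd"/"unix"/"windows" are assumptions of this helper; it does not read anything from a running server.

```shell
#!/bin/sh
# Added triage helper; not part of the advisory or of UnrealIRCd itself.
# Classifies a version string against the ranges the advisory states:
#   4.0.8 - 4.0.10 on *NIX  -> "affected"   (overflow detected, server crashes)
#   4.0.11 and later        -> "fixed"
#   anything older on *NIX  -> "latent"     (overflow present but undetected)
#   any version on Windows  -> "unaffected" (the Windows build does not crash)
# Assumptions: versions look like "major.minor.patch" (a further component such
# as the ".7" in 3.2.10.7 is ignored) and the OS label is one of the words below.
# Usage: sh ison_triage.sh <version> <nix|linux|bsd|unix|windows>

unrealircd_ison_status() {
    ver="$1"
    os="$2"

    case "$os" in
        [Ww]indows) echo unaffected; return 0 ;;
        nix|linux|bsd|unix) ;;          # assumed labels for *NIX hosts
        *) echo unknown; return 1 ;;
    esac

    # require at least three dot-separated components starting with digits
    case "$ver" in
        [0-9]*.[0-9]*.[0-9]*) ;;
        *) echo unknown; return 1 ;;
    esac

    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    # keep only the leading digits of each component
    major=${major%%[!0-9]*}
    minor=${minor%%[!0-9]*}
    patch=${patch%%[!0-9]*}
    if [ -z "$major" ] || [ -z "$minor" ] || [ -z "$patch" ]; then
        echo unknown; return 1
    fi

    # collapse to one integer so a plain comparison works (minor/patch < 100 assumed)
    num=$(( major * 10000 + minor * 100 + patch ))

    if [ "$num" -ge 40011 ]; then
        echo fixed
    elif [ "$num" -ge 40008 ]; then
        echo affected
    else
        echo latent
    fi
}

# Map a status word to the action the advisory gives for it.
unrealircd_ison_advice() {
    case "$1" in
        affected)   echo "apply the hot fix (wget http://www.unrealircd.org/patch/isonpatcher && sh isonpatcher) or upgrade to 4.0.11" ;;
        fixed)      echo "no action needed: 4.0.11 or later already contains the fix" ;;
        unaffected) echo "no action needed on Windows; 4.0.11 is available if you want it" ;;
        latent)     echo "outside the advisory's crash range; the overflow exists but is not detected there" ;;
        *)          echo "could not parse the version; check it by hand" ;;
    esac
}

# Stand-alone use: sh ison_triage.sh 4.0.9 nix
if [ "$#" -eq 2 ]; then
    status=$(unrealircd_ison_status "$1" "$2") || true
    echo "UnrealIRCd $1 on $2: $status"
    unrealircd_ison_advice "$status"
fi
```

The cut-off at 4.0.8 is the point where the advisory says the *NIX build started detecting the overflow; older builds are reported as "latent" rather than "affected" because the advisory only lists 4.0.8 - 4.0.10 as crashable, not because the overflow is absent there.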