ID:

CVE-2018-17019 (NVD)

- Vulnerability Info (edit)
2018-09-13

In Bro through 2.5.5, there is a DoS in IRC protocol names command parsing in analyzer/protocol/irc/IRC.cc.

Products bro
Type Improper Input Validation (CWE-20)
First patch
2018-09-13
https://github.com/bro/bro/commit/c2b18849f8bb833253538f5dfedb4ed1dc176a30
"Fix IRC names command parsing"

Stats: +21 lines / -3 lines (total: 24 lines)
Relevant file/s • ./src/analyzer/protocol/irc/IRC.cc (modified, +4, -3)
• ./testing/btest/Baseline/scripts.base.protocols.irc.names-weird/weird.log (added, +10)
• ./testing/btest/Traces/irc-353.pcap (added)
• ./testing/btest/scripts/base/protocols/irc/names-weird.bro (added, +7)
Annotation

Note:

This entry has not been annotated yet.

Please consider adding data:

bro - Tree: c2b18849f8

(? files)

Filter Settings
Files
Navigation
Patch data:

(on by default)


Patched area: