Security vulnerabilities in version 0.3.1
This page lists all known and fixed security vulnerabilities in version 0.3.1 (back to the list of all versions).
Overview: 3 vulnerabilities
||Crash on send of unknown commands to IRC server.
||Access of uninitialized pointer
||0.3.0 → 0.4.0
||Remote execution of commands via scripts.
||Improper input validation
||0.3.0 → 0.3.9.1
||Possible man-in-the-middle attack in TLS connection to IRC server.
||Improper certificate validation
||0.1.3 → 0.3.4
WSA-2013-2: [IRC] Crash on send of unknown commands to IRC server.
Access of uninitialized pointer
0.3.0 → 0.4.0
Strings are built with uncontrolled format when unknown IRC commands are sent to server, if option
There are multiple ways to mitigate this issue:
- Turn off option to send unknown commands:
/set irc.network.send_unknown_commands off
- Do not use formatting chars like "%" when sending unknown commands to server.
WSA-2012-2: [API] Remote execution of commands via scripts.
Improper input validation
0.3.0 → 0.3.9.1
Untrusted command for function hook_process could lead to execution of commands, because of shell expansions (so the problem is only caused by some scripts, not by WeeChat itself).
Remove/unload all scripts calling the API function hook_process.
WSA-2011-1: [IRC] Possible man-in-the-middle attack in TLS connection to IRC server.
Improper certificate validation
0.1.3 → 0.3.4
Due to insufficient check of TLS certificate in IRC plugin, man-in-the-middle attackers can spoof a server via an arbitrary certificate.
There is no known mitigation.
The upgrade of WeeChat to the latest stable version is highly recommended.