Debian Security Advisory
DSA-211-1 micq -- denial of service
- Date Reported:
- 13 Dec 2002
- Affected Packages:
- micq
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2002-1362.
- More information:
-
RĂ¼diger Kuhlmann, upstream developer of mICQ, a text based ICQ client, discovered a problem in mICQ. Receiving certain ICQ message types that do not contain the required 0xFE separator causes all versions to crash.
For the current stable distribution (woody) this problem has been fixed in version 0.4.9-0woody3.
For the old stable distribution (potato) this problem has been fixed in version 0.4.3-4.1.
For the unstable distribution (sid) this problem has been fixed in version 0.4.9.4-1.
We recommend that you upgrade your micq package.
- Fixed in:
-
Debian GNU/Linux 2.2 (potato)
- Source:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.3-4.1.dsc
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.3-4.1.diff.gz
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.3.orig.tar.gz
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.3-4.1.diff.gz
- Alpha:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.3-4.1_alpha.deb
- ARM:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.3-4.1_arm.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.3-4.1_i386.deb
- Motorola 680x0:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.3-4.1_m68k.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.3-4.1_powerpc.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.3-4.1_sparc.deb
Debian GNU/Linux 3.0 (woody)
- Source:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9-0woody3.dsc
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9-0woody3.diff.gz
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9.orig.tar.gz
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9-0woody3.diff.gz
- Alpha:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9-0woody3_alpha.deb
- ARM:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9-0woody3_arm.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9-0woody3_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9-0woody3_ia64.deb
- HPPA:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9-0woody3_hppa.deb
- Motorola 680x0:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9-0woody3_m68k.deb
- Big endian MIPS:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9-0woody3_mips.deb
- Little endian MIPS:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9-0woody3_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9-0woody3_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9-0woody3_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/m/micq/micq_0.4.9-0woody3_sparc.deb
MD5 checksums of the listed files are available in the original advisory.