Security
Security
Multiple vulnerabilities in Bitlbee may allow to bypass security restrictions and hijack accounts.
| Package | net-im/bitlbee on all architectures |
|---|---|
| Affected versions | < 1.2.3 |
| Unaffected versions | >= 1.2.3 |
BitlBee is an IRC to IM gateway that support multiple IM protocols.
Multiple unspecified vulnerabilities were reported, including a NULL pointer dereference.
A remote attacker could exploit these vulnerabilities to overwrite existing IM accounts.
There is no known workaround at this time.
All BitlBee users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-im/bitlbee-1.2.3"
Release date
September 23, 2008
Latest revision
September 23, 2008: 01
Severity
normal
Exploitable
remote
Bugzilla entries