CVE-2016-7553

Published: Feb 27, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permissions for the scrollbuffer dump file created between upgrades, which might allow local users to obtain sensitive information from private chat conversations by reading the file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20160926 Re: CVE Request: irssi: information disclosure vulnerabilit in buf.pl

mailing-list

x_refsource_MLIST

[oss-security] 20160924 CVE Request: irssi: information disclosure vulnerabilit in buf.pl

mailing-list

x_refsource_MLIST

https://irssi.org/security/buf_pl_sa_2016.txt

x_refsource_CONFIRM

https://github.com/irssi/scripts.irssi.org/commit/f1b1eb154baa684fad5d65bf4dff79c8ded8b65a

x_refsource_CONFIRM

FEDORA-2016-39de4eb5e7

vendor-advisory

x_refsource_FEDORA

93155

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-7553

Description

Affected Products

References