Lucene search
K

180 matches found

Debian
Debian
added 2004/04/21 10:7 a.m.21 views

[SECURITY] [DSA 493-1] New xchat packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 493-1 [email protected] http://www.debian.org/security/ Martin Schulze April 21st, 2004 http://www.debian.org/security/faq -...

7.5CVSS7.2AI score0.08961EPSS
Exploits0
Debian
Debian
added 2004/04/21 10:7 a.m.60 views

[SECURITY] [DSA 493-1] New xchat packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 493-1 [email protected] http://www.debian.org/security/ Martin Schulze April 21st, 2004 http://www.debian.org/security/faq -...

7.5CVSS0.6AI score0.08961EPSS
Exploits0
OSV
OSV
added 2004/04/21 12:0 a.m.18 views

DSA-493 xchat - buffer overflow

Bulletin has no description...

7.5CVSS6AI score0.08961EPSS
Exploits0
securityvulns
securityvulns
added 2004/04/20 12:0 a.m.30 views

[ GLSA 200404-15 ] XChat 2.0.x SOCKS5 Vulnerability

Gentoo Linux Security Advisory GLSA 200404-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2004/04/20 12:0 a.m.30 views

XChat buffer overflow

Buffer overflow in SOCKSv5 client code...

3.1AI score
Exploits0References1Affected Software1
Gentoo Linux
Gentoo Linux
added 2004/04/19 12:0 a.m.21 views

XChat 2.0.x SOCKS5 Vulnerability

Background XChat is a multiplatform IRC client. Description The SOCKS 5 proxy code in XChat is vulnerable to a remote exploit. Users would have to be using XChat through a SOCKS 5 server, enable SOCKS 5 traversal which is disabled by default and also connect to an attacker's custom proxy server...

7.5CVSS6.7AI score0.08961EPSS
Exploits0
Cvelist
Cvelist
added 2004/04/17 4:0 a.m.29 views

CVE-2004-0409

Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code...

7.7AI score0.08961EPSS
Exploits0References8
CVE
CVE
added 2004/04/17 4:0 a.m.83 views

CVE-2004-0409

CVE-2004-0409 is a stack-based overflow in XChat’s Socks5 proxy code affecting versions 1.8.0 through 2.0.8 with Socks5 traversal enabled. The vulnerability allows a remote attacker to execute arbitrary code via a crafted SOCKSv5 proxy, as detailed in vendor advisories (Red Hat RHSA-2004:585, Deb...

7.5CVSS7.7AI score0.08961EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2004/04/17 4:0 a.m.48 views

CVE-2004-0409

Removed by vendor...

7.5CVSS6.7AI score0.08961EPSS
Exploits0
FreeBSD
FreeBSD
added 2004/04/05 12:0 a.m.39 views

xchat remotely exploitable buffer overflow (Socks5)

A straightforward stack buffer overflow exists in XChat's Socks5 proxy support. The XChat developers report that tsifra' discovered this issue. NOTE: XChat Socks5 support is disabled by support in the FreeBSD Ports Collection...

7.5CVSS6.9AI score0.08961EPSS
Exploits0References2
NVD
NVD
added 2004/01/05 5:0 a.m.15 views

CVE-2003-1000

xchat 2.0.6 allows remote attackers to cause a denial of service crash via a passive DCC request with an invalid ID number, which causes a null dereference...

7.5CVSS7.4AI score0.02552EPSS
Exploits0References2
CVE
CVE
added 2003/12/17 5:0 a.m.48 views

CVE-2003-1000

The CVE-2003-1000 vulnerability concerns xchat 2.0.6. It allows remote attackers to crash the client by sending a passive DCC request with an invalid ID, triggering a null dereference. Connected sources confirm the affected software/version and the underlying cause. Mitigation details are limited...

7.5CVSS7.4AI score0.02552EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2003/12/17 5:0 a.m.18 views

CVE-2003-1000

xchat 2.0.6 allows remote attackers to cause a denial of service crash via a passive DCC request with an invalid ID number, which causes a null dereference...

7.4AI score0.02552EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2003/12/17 5:0 a.m.25 views

CVE-2003-1000

Removed by vendor...

7.5CVSS7AI score0.02552EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2003/12/17 12:0 a.m.4 views

PT-2003-2001 · Xchat · Xchat

Name of the Vulnerable Software and Affected Versions: xchat version 2.0.6 Description: The issue allows remote attackers to cause a denial of service, resulting in a crash, via a passive DCC request with an invalid ID number. This action causes a null dereference. Recommendations: For xchat...

7.5CVSS6.7AI score0.02552EPSS
Exploits0References4
securityvulns
securityvulns
added 2003/12/15 12:0 a.m.48 views

[Full-Disclosure] xchat 2.0.6 crashes with mirc 6.0-6.11 DCC exploit

xchat 2.0.6 crashes with mirc 6.0-6.11 DCC exploit the machine on which xchat crashed Linux 2.4.23 xchat 2.0.6 the machine who did the exploit mirc 6.12 Windows XP --- what happend: i starded xchat 2.0.6 on my linux machine and, just for fun, tried to exploit it via mirc. if you are not familiar...

0.2AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2003/12/14 12:0 a.m.35 views

XChat: malformed dcc send request denial of service

Background XChat is a multiplatform IRC client. Description There is a remotely exploitable bug in XChat 2.0.6 that could lead to a denial of service attack. Gentoo wishes to thank lloydbates for discovering this bug, as well as jcdutton and rac for submitting patches to fix the bug. Impact A...

1.3AI score
Exploits0
CVE
CVE
added 2003/04/02 5:0 a.m.46 views

CVE-2002-0006

Vulnerability summary (CVE-2002-0006) : XChat versions 1.8.7 and earlier (including default configurations of 1.4.2 and 1.4.3) are vulnerable. A remote attacker can execute arbitrary IRC commands as another client by sending specially encoded characters in a PRIVMSG that calls CTCP PING, which ca...

7.5CVSS7.7AI score0.08087EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.25 views

CVE-2002-0006

XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variabl...

7.7AI score0.08087EPSS
Exploits0References7
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.14 views

CVE-2002-0382

XChat IRC client allows remote attackers to execute arbitrary commands via a /dns command on a host whose DNS reverse lookup contains shell metacharacters...

7.7AI score0.02391EPSS
Exploits0References7
Rows per page
Query Builder