180 matches found
[SECURITY] [DSA 493-1] New xchat packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 493-1 [email protected] http://www.debian.org/security/ Martin Schulze April 21st, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DSA 493-1] New xchat packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 493-1 [email protected] http://www.debian.org/security/ Martin Schulze April 21st, 2004 http://www.debian.org/security/faq -...
DSA-493 xchat - buffer overflow
Bulletin has no description...
[ GLSA 200404-15 ] XChat 2.0.x SOCKS5 Vulnerability
Gentoo Linux Security Advisory GLSA 200404-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
XChat buffer overflow
Buffer overflow in SOCKSv5 client code...
XChat 2.0.x SOCKS5 Vulnerability
Background XChat is a multiplatform IRC client. Description The SOCKS 5 proxy code in XChat is vulnerable to a remote exploit. Users would have to be using XChat through a SOCKS 5 server, enable SOCKS 5 traversal which is disabled by default and also connect to an attacker's custom proxy server...
CVE-2004-0409
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code...
CVE-2004-0409
CVE-2004-0409 is a stack-based overflow in XChat’s Socks5 proxy code affecting versions 1.8.0 through 2.0.8 with Socks5 traversal enabled. The vulnerability allows a remote attacker to execute arbitrary code via a crafted SOCKSv5 proxy, as detailed in vendor advisories (Red Hat RHSA-2004:585, Deb...
CVE-2004-0409
Removed by vendor...
xchat remotely exploitable buffer overflow (Socks5)
A straightforward stack buffer overflow exists in XChat's Socks5 proxy support. The XChat developers report that tsifra' discovered this issue. NOTE: XChat Socks5 support is disabled by support in the FreeBSD Ports Collection...
CVE-2003-1000
xchat 2.0.6 allows remote attackers to cause a denial of service crash via a passive DCC request with an invalid ID number, which causes a null dereference...
CVE-2003-1000
The CVE-2003-1000 vulnerability concerns xchat 2.0.6. It allows remote attackers to crash the client by sending a passive DCC request with an invalid ID, triggering a null dereference. Connected sources confirm the affected software/version and the underlying cause. Mitigation details are limited...
CVE-2003-1000
xchat 2.0.6 allows remote attackers to cause a denial of service crash via a passive DCC request with an invalid ID number, which causes a null dereference...
CVE-2003-1000
Removed by vendor...
PT-2003-2001 · Xchat · Xchat
Name of the Vulnerable Software and Affected Versions: xchat version 2.0.6 Description: The issue allows remote attackers to cause a denial of service, resulting in a crash, via a passive DCC request with an invalid ID number. This action causes a null dereference. Recommendations: For xchat...
[Full-Disclosure] xchat 2.0.6 crashes with mirc 6.0-6.11 DCC exploit
xchat 2.0.6 crashes with mirc 6.0-6.11 DCC exploit the machine on which xchat crashed Linux 2.4.23 xchat 2.0.6 the machine who did the exploit mirc 6.12 Windows XP --- what happend: i starded xchat 2.0.6 on my linux machine and, just for fun, tried to exploit it via mirc. if you are not familiar...
XChat: malformed dcc send request denial of service
Background XChat is a multiplatform IRC client. Description There is a remotely exploitable bug in XChat 2.0.6 that could lead to a denial of service attack. Gentoo wishes to thank lloydbates for discovering this bug, as well as jcdutton and rac for submitting patches to fix the bug. Impact A...
CVE-2002-0006
Vulnerability summary (CVE-2002-0006) : XChat versions 1.8.7 and earlier (including default configurations of 1.4.2 and 1.4.3) are vulnerable. A remote attacker can execute arbitrary IRC commands as another client by sending specially encoded characters in a PRIVMSG that calls CTCP PING, which ca...
CVE-2002-0006
XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variabl...
CVE-2002-0382
XChat IRC client allows remote attackers to execute arbitrary commands via a /dns command on a host whose DNS reverse lookup contains shell metacharacters...