4 matches found
CVE-2002-2155
Format string vulnerability in the error handling of IRC invite responses for Trillian 0.725 and 0.73 allows remote IRC servers to execute arbitrary code via an invite to a channel with format string specifiers in the name...
CVE-2000-0594
CVE-2000-0594 affects the BitchX IRC client. The vulnerability arises from improper cleansing of an untrusted format string in the /INVITE command, allowing a remote attacker to trigger a denial of service by inviting a channel whose name includes special formatting characters. Connected document...
bitchx.dos.txt
There's a small bug in the latest BitchX in which a nasty user can invite you to a channel with a %s in it, causing the client to coredump. As alot of channels/users on irc use the client, I felt I should post a notice about this problem. A small patch is available on www.bitchx.com/downloads.htm...
CVE-2000-0594
BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters...