3 matches found
bitchx EOLed in Slackware
This is a notice that bitchx, an IRC client based on ircii-EPIC4, has been removed from Slackware -current and will not be part of future Slackware releases. Security issues and bugs have been reported, but upstream work seems to have stalled leaving bitchx in a state where there are known proble...
Gentoo Security Advisory GLSA 200807-12 (bitchx)
The remote host is missing updates announced in advisory GLSA 200807-12. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
CVE-2007-5839
CVE-2007-5839 affects BitchX 1.1a: the e_hostname function in commands.c allows local users to overwrite arbitrary files via a symlink attack on temporary files when using the (1) HOSTNAME or (2) IRCHOST command. Root cause described as insecure temporary-file creation (tmpnam). Impact stated: lo...