CVE-2002-0006
XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set.
Affected products
n/a · n/a
Public PoCs found — 1
exploitdb · www.exploit-db.com/exploits/21210 · unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000453
http://marc.info/?l=bugtraq&m=101060676210255&w=2
http://online.securityfocus.com/advisories/3806
http://rhn.redhat.com/errata/RHSA-2002-005.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/7856
http://www.debian.org/security/2002/dsa-099
http://www.securityfocus.com/bid/3830