CVE-2002-1486

EPSS 9.4%

Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service and possibly execute arbitrary code via (1) a large response from the server, (2) a JOIN with a long channel name, (3) a long "raw 221" message, (4) a PRIVMSG with a long nickname, or (5) a long response from an IDENT server.

Affected products

n/a · n/a

public PoCs found — 5

exploitdbwww.exploit-db.com/exploits/21816unverified exploitdbwww.exploit-db.com/exploits/21813unverified exploitdbwww.exploit-db.com/exploits/21823unverified exploitdbwww.exploit-db.com/exploits/21804unverified exploitdbwww.exploit-db.com/exploits/21810unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://archives.neohapsis.com/archives/bugtraq/2002-09/0258.html http://archives.neohapsis.com/archives/bugtraq/2002-09/0266.html http://archives.neohapsis.com/archives/bugtraq/2002-09/0268.html http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0139.html http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0140.html http://www.iss.net/security_center/static/10150.php http://www.iss.net/security_center/static/10151.php http://www.iss.net/security_center/static/10163.php http://www.securityfocus.com/bid/5765 http://www.securityfocus.com/bid/5769 http://www.securityfocus.com/bid/5777