Описание
XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set.
XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2002-0006
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7856
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000453
- http://marc.info/?l=bugtraq&m=101060676210255&w=2
- http://online.securityfocus.com/advisories/3806
- http://rhn.redhat.com/errata/RHSA-2002-005.html
- http://www.debian.org/security/2002/dsa-099
- http://www.securityfocus.com/bid/3830
EPSS
CVE ID
Связанные уязвимости
XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set.
XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set.
EPSS