BitchX IRC MODE Remote Buffer Overflow Vulnerability
BID:25462
Info
BitchX IRC MODE Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 25462 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-4584 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 27 2007 12:00AM |
| Updated: | Apr 27 2009 07:16PM |
| Credit: | bannedit is credited with the discovery of this vulnerability. |
| Vulnerable: |
Slackware Linux -current Gentoo Linux BitchX IRC Client 1.1 |
| Not Vulnerable: | |
Discussion
BitchX IRC MODE Remote Buffer Overflow Vulnerability
BitchX is prone to a remote buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
This issue affects BitchX 1.1; other versions may also be affected.
BitchX is prone to a remote buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
This issue affects BitchX 1.1; other versions may also be affected.
Exploit / POC
BitchX IRC MODE Remote Buffer Overflow Vulnerability
The following exploit code is available:
The following exploit code is available:
Solution / Fix
BitchX IRC MODE Remote Buffer Overflow Vulnerability
Solution:
Please see the referenced advisories for details on obtaining and applying the appropriate updates.
Solution:
Please see the referenced advisories for details on obtaining and applying the appropriate updates.