• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

XChat Server Strings Buffer Overflow Vulnerability

XChat IRC client has been reported vulnerable, under certain circumstances, to a buffer overflow condition.

Due to a lack sufficient bounds checking when copying server-supplied strings into internal buffers, it may be possible to trigger a buffer overflow.

A hostile IRC server may be able to exploit this vulnerability to execute arbitrary code in the context of the user running the vulnerable application.

This vulnerability was reported to affect XChat version 2.0.1 other versions may also be affected.