Back to list
XChat 2.8.4-1 - Multiple Vulnerabilities
Mar 28 2008 04:37PM
evilcry gmail com
Date : 2008-03-23
Product : XChat
Version : 2.8.4-1
Vendor : http://www.silverex.org/news/
Vendor Status :
2007-12-?? Not Informed!
2008-01-?? Vendor contacted!
2008-03-28 No reply from vendor. Published!
XChat, is one of the most popular IRC clients for Unix-like systems.
It is also available for Microsoft Windows and Mac OS X.
silverex.org done an unofficial free X-Chat built for Windows,
compiled on Windows XP SP2 with Microsoft Visual Studio .NET 2003
Enterprise Architect C/C++ compiler.
Discovered/Provided By :
Giuseppe `Evilcry` Bonfa' - http://evilcry.altervista.org
Omni - http://omni.playhack.net
omnipresent[at]NOSPAM-email[dot]it - omni[at]NOSPAM-playhack[dot]net
2) Security Issues
--- [ Password Disclosure Vulnerability ] ---
XChat 2.8.4-1 is prone to a Password Disclosure Vulnerability that could
expose XChat users to a leak of Sensitive Informations, such as the NickServ
and Server Password, allowing User Impersonation.
XChat leaves User's Passwords in clear in memory, an attacker could carve with a
Process Memory Dump of the Xchat process, and next by identifing some costants
string it's possible, with some byte displacement, to retrive the passwords.
--- [ PoC ] ---
If a user has saved him/her own NickServ password or
Server Password a malicious person can launch a Process Memory Dumper
and look through the dumped memory and with a simple
string searching he/she can retrieve user password / server password.
WHOIS %2 %2
--- [ Local DoS ] ---
A local DoS (Denial of Service) Vulnerability has been found
in XChat 2.8.4-1 (unofficial).
This vulnerability can be exploited by a malicious person by a simple
click on the xchat's Icon in the Try-bar.
After the click on that icon xchat will crash.
Windows API used to put the application in the tray bar: Shell_NotifyIcon .
--- [ Patch ] ---
- No patch available from the vendor.
[ reply ]
Copyright 2010, SecurityFocus