
Security for All

Sûnnet Beskerming is a company with a focus and a drive to provide Information Security services for all those who want to stay safe and secure in an online world.


BitchX - Remote hacker automatic control

Version:

1.1 and prior.

Technical Details:

A hash table in hook.c is accessed without bounds checking, allowing remote code execution by a malicious server. Exploit code is readily available, and the flaw is believed to affect all versions of the software (current exploit code targets the current Linux version).

Description:

BitchX is one of the most popular IRC clients and is available for multiple platforms. Derived from the ircII IRC client, it remains a popular choice for connecting to IRC.

Exploit code has been released which allows an attacker to take control of a vulnerable system when a vulnerable version of the software tries to connect to a malicious server.

Mitigation:

Consider using an alternative IRC client, or connect only to trusted IRC servers while using vulnerable versions of BitchX.

Updates:

Not Yet Available

Source:

http://www.securitylab.ru/poc/extra/298093.php

Exploits:

http://www.securitylab.ru/poc/extra/298093.php

External Tracking Data:

Not Yet Identified

