Signature Detail
Short Name |
CHAT:IRC:OVERFLOW:XCHAT-SOCKS |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
CHAT |
Keywords |
XChat SOCKS 5 Buffer Overrun |
Release Date |
2004/05/19 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
CHAT: XChat SOCKS 5 Buffer Overrun
This signature detects attempts to exploit a known vulnerability against an XChat client, an IRC client for UNIX. XChat versions 1.8.0 through 2.0.8 are vulnerable. Because the XChat client does not properly validate user input, an attacker can use a malicious IRC server to overflow a buffer and execute arbitrary code on the target host.
Extended Description
A remotely exploitable buffer overrun was reported in XChat. This issue exists in the SOCKS 5 proxy code. This stack-based buffer overrun could be exploited by a malicious proxy server if SOCKS 5 traversal has been enabled in the client. Successful exploitation will result in execution of arbitrary code as the client user. It should be noted that SOCKS 5 traversal is not enabled by default and this issue only poses a risk if the victim user deliberately connects to an attacker's SOCKS 5 proxy server.
Affected Products
- Netwosix Netwosix Linux 1.0.0
- Netwosix Netwosix Linux 1.1.0
- Red Hat Fedora Core1
- Red Hat Fedora Core2
- Red Hat xchat-1.8.11-7.i386.rpm
- X-Chat 1.2.1
- X-Chat 1.3.10
- X-Chat 1.3.11
- X-Chat 1.3.12
- X-Chat 1.3.13
- X-Chat 1.3.9
- X-Chat 1.4.0
- X-Chat 1.4.1
- X-Chat 1.4.2
- X-Chat 1.4.3
- X-Chat 1.5.0 dev
- X-Chat 1.5.6 dev
- X-Chat 1.6.3
- X-Chat 1.6.4
- X-Chat 1.7.7
- X-Chat 1.8.0
- X-Chat 1.8.1
- X-Chat 1.8.2
- X-Chat 1.8.6
- X-Chat 1.8.7
- X-Chat 1.8.8
- X-Chat 1.8.9
- X-Chat 2.0.1
- X-Chat 2.0.4
- X-Chat 2.0.5
- X-Chat 2.0.6
- X-Chat 2.0.7
- X-Chat 2.0.8
References
- BugTraq: 10168
- CVE: CVE-2004-0409
- URL: http://www.redhat.com/support/errata/RHSA-2004-177.html
- URL: http://www.xchat.org/