Vulnerabilities > Bitchx
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-11-10 | CVE-2007-5922 | Information Exposure vulnerability in multiple products The modules/mdop.m in the Cypress 1.0k script for BitchX, as downloaded from a distribution site in November 2007, contains an externally introduced backdoor that e-mails sensitive information (hostnames, usernames, and shell history) to a fixed address. | 5.0 |
| 2007-11-06 | CVE-2007-5839 | Link Following vulnerability in Bitchx 1.1A The e_hostname function in commands.c in BitchX 1.1a allows local users to overwrite arbitrary files via a symlink attack on temporary files when using the (1) HOSTNAME or (2) IRCHOST command. | 4.6 |
| 2007-08-29 | CVE-2007-4584 | Buffer Errors vulnerability in Bitchx 1.1Final Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the p_mode variable. | 10.0 |
| 2007-06-22 | CVE-2007-3360 | Remote Buffer Overflow vulnerability in Bitchx 1.1Final hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and executes shell commands. | 9.3 |
| 2003-12-31 | CVE-2003-1450 | Improper Input Validation vulnerability in Bitchx BitchX 75p3 and 1.0c16 through 1.0c20cvs allows remote attackers to cause a denial of service (segmentation fault) via a malformed RPL_NAMREPLY numeric 353 message. | 5.0 |