IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Xchat | Xchat | 1.2.1 (including) | 1.2.1 (including) |
| Xchat | Xchat | 1.3.9 (including) | 1.3.9 (including) |
| Xchat | Xchat | 1.3.10 (including) | 1.3.10 (including) |
| Xchat | Xchat | 1.3.11 (including) | 1.3.11 (including) |
| Xchat | Xchat | 1.3.12 (including) | 1.3.12 (including) |
| Xchat | Xchat | 1.3.13 (including) | 1.3.13 (including) |
| Xchat | Xchat | 1.4 (including) | 1.4 (including) |
| Xchat | Xchat | 1.4.1 (including) | 1.4.1 (including) |
| Xchat | Xchat | 1.4.2 (including) | 1.4.2 (including) |
| Xchat | Xchat | 1.5.6 (including) | 1.5.6 (including) |
| Xchat | Xchat | 1.5.xdev (including) | 1.5.xdev (including) |
References
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0215.html
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0301.html
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0305.html
- http://www.redhat.com/support/errata/RHSA-2000-055.html
- http://www.securityfocus.com/bid/1601
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0215.html
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0301.html
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0305.html
- http://www.redhat.com/support/errata/RHSA-2000-055.html
- http://www.securityfocus.com/bid/1601