Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2004-0409

Published: 01/06/2004 Updated: 11/10/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Xchat

Vulnerability Summary

Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote malicious users to execute arbitrary code.

Vulnerable Product Search on Vulmon Subscribe to Product

xchat xchat 1.8.4

xchat xchat 1.8.5

xchat xchat 1.8.6

xchat xchat 1.9.3

xchat xchat 1.9.4

xchat xchat 2.0.1

xchat xchat 2.0.2

xchat xchat 1.8.0

xchat xchat 1.8.1

xchat xchat 1.8.9

xchat xchat 1.9.0

xchat xchat 1.9.7

xchat xchat 1.9.8

xchat xchat 2.0.5

xchat xchat 2.0.6

xchat xchat 1.8.7

xchat xchat 1.8.8

xchat xchat 1.9.5

xchat xchat 1.9.6

xchat xchat 2.0.3

xchat xchat 2.0.4

xchat xchat 1.8.2

xchat xchat 1.8.3

xchat xchat 1.9.1

xchat xchat 1.9.2

xchat xchat 1.9.9

xchat xchat 2.0.0

xchat xchat 2.0.7

xchat xchat 2.0.8

Vendor Advisories

Red Hat: xchat security update
Synopsis xchat security update Type/Severity Security Advisory: Low Topic An updated xchat package that fixes a stack buffer overflow in the SOCKSv5proxy code Description X-Chat is a graphical IRC chat client for the X Window SystemA stack buffer overflow has been fixed in the SOCKSv5 pro ...
Debian Security Advisories: DSA-493-1 xchat -- buffer overflow
A buffer overflow has been discovered in the Socks-5 proxy code of XChat, an IRC client for X similar to AmIRC This allows an attacker to execute arbitrary code on the users' machine For the stable distribution (woody) this problem has been fixed in version 189-0woody3 For the unstable distribution (sid) this problem has been fixed in version ...

Exploits

Exploit DB: XChat 1.8.0/2.0.8 socks5 - Remote Buffer Overflow
/*[ X-Chat[v180 - v208]: socks-5 remote buffer overflow exploit ] * * * * by: vade79/v9 v9 fakehalo deadpig org (fakehalo/realhalo) * * ...

References

NVD-CWE-Otherhttp://mail.nl.linux.org/xchat-announce/2004-04/msg00000.htmlhttp://www.xchat.org/http://www.redhat.com/support/errata/RHSA-2004-177.htmlhttp://www.redhat.com/support/errata/RHSA-2004-585.htmlhttp://security.gentoo.org/glsa/glsa-200404-15.xmlhttp://www.fedoralegacy.org/updates/FC2/2005-11-14-FLSA_2005_123013https://www.debian.org/security/2004/dsa-493https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11312https://access.redhat.com/errata/RHSA-2004:585https://nvd.nist.govhttps://www.exploit-db.com/exploits/296/https://www.debian.org/security/./dsa-493
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook