Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote malicious users to execute arbitrary code via long strings.
# FiSH IRC encryption evil ircd PoC exploit
# Abuses CVE-2007-1397
# Bad ircd, nasty bnc provider, nicknames over 100 char --> ruin
# Runs arbitrary code which which in this case shuts down irssi
# Tested on my own compiled FiSH with irssi/fedora/x86
# There are a lot more problems like this one, you should /unload fish
# Caleb James DeLisle ...
source: wwwsecurityfocuscom/bid/22880/info
FiSH is prone to multiple remote buffer-overflow vulnerabilities because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer
An attacker can exploit these issues to execute arbitrary code within the context of the affected application ...