icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

XChat Malformed Nickname Remote Format String

High

Synopsis

The remote host is vulnerable to a remote 'format string' flaw.

Description

The remote host is running the XChat IRC client. XChat IRC client version 1.2.x is vulnerable to a format string attack. A remote attacker can create a specially crafted nickname that would cause arbitrary code to be executed on the system once a connection is established.

Solution

No solution is known at this time.