Mandrake Linux Security Advisory : xchat (MDKSA-2004:036)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

A remotely exploitable vulnerability was discovered in the Socks-5
proxy code in XChat. By default, socks5 traversal is disabled, and one
would also need to connect to an attacker's own custom proxy server in
order for this to be exploited. Successful exploitation could lead to
arbitrary code execution as the user running XChat.

The provided packages are patched to prevent this problem.

See also :

http://www.nessus.org/u?591f5f7f

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 14135 (mandrake_MDKSA-2004-036.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0409

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now