BitchX IRC Client "/INVITE" Command Format String DoS
High Nessus Network Monitor Plugin ID 1855
SynopsisThe remote host is vulnerable to a remote 'format string' flaw.
DescriptionThe remote host is running a version of the BitchX IRC client that may be vulnerable to a format string attack. BitchX IRC clients, versions 75 up to and including 1.0c16, are vulnerable to a Denial of Service attack and possible remote execution of code. By /invite-ing someone to a channel name containing formatting characters an IRC user can cause the targeted user's BitchX client to seg-fault.
SolutionUpgrade according to vendor recommendations.