BitchX IRC Client DNS Response Remote Overflow
Medium Nessus Network Monitor Plugin ID 1856
SynopsisThe remote host is running a version of the BitchX IRC client that may be vulnerable to a buffer overflow.
DescriptionA buffer overflow within the DNS resolver code makes it possible to overwrite stack variables by generating a malformed DNS packet. A malicious attacker may use this vulnerability to execute arbitrary code in the context of the BitchX client. Note that it is necessary for an attacker to control a DNS server to exploit this bug.
SolutionUpgrade or patch according to vendor recommendations.