Vulnerability Name:

CVE-2002-0006 (CCN-7856)

Assigned:2002-01-09
Published:2002-01-09
Updated:2017-10-10
Summary:XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Privileges
References:Source: CCN
Type: BugTraq Mailing List, Wed Jan 09 2002 - 03:45:13 CST
xchat IRC session hijacking vulnerability (versions 1.4.1, 1.4.2)

Source: MITRE
Type: CNA
CVE-2002-0006

Source: CCN
Type: Conectiva Linux Announcement CLSA-2002:453
xchat

Source: CONECTIVA
Type: UNKNOWN
CLA-2002:453

Source: BUGTRAQ
Type: UNKNOWN
20020109 xchat IRC session hijacking vulnerability (versions 1.4.1, 1.4.2)

Source: CCN
Type: Hewlett-Packard Security Bulletin HPSBTL0201-016
Bug in CTCP PING handling code.

Source: HP
Type: UNKNOWN
HPSBTL0201-016

Source: CCN
Type: RHSA-2002-005
Updated xchat packages are available

Source: REDHAT
Type: UNKNOWN
RHSA-2002:005

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-099

Source: DEBIAN
Type: DSA-099
xchat -- IRC session hijacking

Source: CCN
Type: OSVDB ID: 5423
XChat PRIVMSG Encoded Characters Arbitrary Command Execution

Source: BID
Type: UNKNOWN
3830

Source: CCN
Type: BID-3830
X-Chat CTCP Ping Arbitrary Remote IRC Command Execution Vulnerability

Source: CCN
Type: X-Chat Web site
xchat

Source: XF
Type: UNKNOWN
xchat-ctcp-ping-command(7856)

Source: XF
Type: UNKNOWN
xchat-ctcp-ping-command(7856)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:xchat:xchat:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:xchat:xchat:1.4.3:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:2.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.debian:def:99
    V
    		IRC session hijacking
    2002-01-12
    BACK
    xchat xchat 1.4.2
    xchat xchat 1.4.3
    redhat linux 6.2
    debian debian linux 2.2
    redhat linux 7
    redhat linux 7.1
    redhat linux 7.2
    redhat linux 7.3