Vulnerability Name:
CVE-2007-4398 (CCN-35985)
Assigned:
2007-08-12
Published:
2007-08-12
Updated:
2018-10-15
Summary:
Multiple CRLF injection vulnerabilities in the (1) now-playing.rb and (2) xmms.pl 1.1 scripts for WeeChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
CVSS v3 Severity:
3.7 Low
(CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
High
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
None
Integrity (I):
Low
Availability (A):
None
CVSS v2 Severity:
6.8 Medium
(CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.9 Medium
(Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Medium
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availability (A):
Partial
2.6 Low
(CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
2.2 Low
(CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
High
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
None
Integrity (I):
Partial
Availability (A):
None
Vulnerability Type:
CWE-Other
Vulnerability Consequences:
Gain Privileges
References:
Source: CCN
Type: Full-Disclosure Mailing List, Sun Aug 12 2007 - 12:02:24 CDT
Vulnerability in multiple "now playing" scripts for various IRC clients
Source: MITRE
Type: CNA
CVE-2007-4396
Source: MITRE
Type: CNA
CVE-2007-4397
Source: MITRE
Type: CNA
CVE-2007-4398
Source: MITRE
Type: CNA
CVE-2007-4399
Source: MITRE
Type: CNA
CVE-2007-4400
Source: MITRE
Type: CNA
CVE-2007-4401
Source: MITRE
Type: CNA
CVE-2007-4402
Source: MITRE
Type: CNA
CVE-2007-4403
Source: CONFIRM
Type: UNKNOWN
http://git.sv.gnu.org/gitweb/?p=weechat/scripts.git;a=commit;h=7429c29a2fab6d7493c0188b5f631a7c2ae1533d
Source: CONFIRM
Type: UNKNOWN
http://git.sv.gnu.org/gitweb/?p=weechat/scripts.git;a=commit;h=76f7f7b502352ba2b823e3388a2ca88840fd1945
Source: CCN
Type: Xchat-XMMS Web site
xchat-xmms
Source: CCN
Type: irssi Web site
irssi
Source: CCN
Type: Konversation Web site
Konversation
Source: FULLDISC
Type: UNKNOWN
20070812 Vulnerability in multiple "now playing" scripts for various IRC clients
Source: OSVDB
Type: UNKNOWN
39564
Source: OSVDB
Type: UNKNOWN
39565
Source: CCN
Type: SA26454
XMMS-Control for XChat id3 Tag Input Validation Error
Source: CCN
Type: SA26455
xchat-xmms for XChat id3 Tag Input Validation Error
Source: CCN
Type: SA26456
Konversation Media Script id3 Tag Input Validation Error
Source: CCN
Type: SA26457
now_playing.rb for weechat id3 Tag Input Validation Error
Source: SECUNIA
Type: Vendor Advisory
26457
Source: CCN
Type: SA26483
Multiple irssi Music Announcement Scripts id3 Tag Input Validation Error
Source: CCN
Type: SA26484
xmms-thing for XChat id3 Tag Input Validation Error
Source: CCN
Type: SA26485
XMMS Remote Control Script for XChat id3 Tag Input Validation Error
Source: CCN
Type: SA26486
Disrok for XChat id3 Tag Input Validation Error
Source: CCN
Type: SA26487
a2x for XChat id3 Tag Input Validation Error
Source: CCN
Type: SA26488
Another xmms-info script for XChat id3 Tag Input Validation Error
Source: CCN
Type: SA26489
xmms.bx for BitchX id3 Tag Input Validation Error
Source: CCN
Type: SA26490
xmms.pl for weechat id3 Tag Input Validation Error
Source: SECUNIA
Type: Vendor Advisory
26490
Source: CCN
Type: SA26491
Advanced mIRC Integration Plugin id3 Tag Input Validation Error
Source: SREASON
Type: UNKNOWN
3036
Source: CCN
Type: FlashTux Web site
WeeChat
Source: CCN
Type: wouter.coekaerts.be Web site
Vulnerability in multiple "now playing" scripts for various IRC clients
Source: MISC
Type: UNKNOWN
http://wouter.coekaerts.be/site/security/nowplaying
Source: CCN
Type: BitchX Web site
BitchX IRC Client
Source: CCN
Type: Joe Thielen Web page
XMMS-Control
Source: CCN
Type: mIRC Home page
mIRC - An Internet Relay Chat program
Source: CCN
Type: OSVDB ID: 37481
xmms.bx for BitchX MP3 id3 Tag CRLF Injection Arbitrary IRC Command Execution
Source: CCN
Type: OSVDB ID: 39564
now_playing.rb for weechat id3 Tag CRLF Injection Arbitrary IRC Command Execution
Source: CCN
Type: OSVDB ID: 39565
xmms.pl for weechat id3 Tag CRLF Injection Arbitrary IRC Command Execution
Source: CCN
Type: OSVDB ID: 39566
xmms-thing for XChat id3 Tag CRLF Injection Arbitrary IRC Command Execution
Source: CCN
Type: OSVDB ID: 39567
XMMS Remote Control Script for XChat id3 Tag CRLF Injection Arbitrary IRC Command Execution
Source: CCN
Type: OSVDB ID: 39568
Multiple Music Announcement Scripts for irssi id3 Tag CRLF Injection Arbitrary IRC Command Execution
Source: CCN
Type: OSVDB ID: 39569
Konversation Media Script id3 Tag CRLF Injection Arbitrary IRC Command Execution
Source: CCN
Type: OSVDB ID: 39570
mIRC Control Plug-in id3 Tag CRLF Injection Arbitrary IRC Command Execution
Source: CCN
Type: OSVDB ID: 39571
Disrok for XChat id3 Tag CRLF Injection Arbitrary IRC Command Execution
Source: CCN
Type: OSVDB ID: 39572
Another xmms-info script for XChat id3 Tag CRLF Injection Arbitrary IRC Command Execution
Source: CCN
Type: OSVDB ID: 39573
a2x for XChat id3 Tag CRLF Injection Arbitrary IRC Command Execution
Source: CCN
Type: OSVDB ID: 39574
xchat-xmms for XChat id3 Tag CRLF Injection Arbitrary IRC Command Execution
Source: CCN
Type: OSVDB ID: 39575
XMMS-Control for XChat id3 Tag CRLF Injection Arbitrary IRC Command Execution
Source: CCN
Type: OSVDB ID: 58654
Advanced mIRC Integration Plugin id3 Tag CRLF Injection Arbitrary IRC Command Execution
Source: BUGTRAQ
Type: UNKNOWN
20070812 Vulnerability in multiple "now playing" scripts for various IRC clients
Source: BID
Type: UNKNOWN
25281
Source: CCN
Type: BID-25281
Multiple IRC Client Now Playing Scripts Input Validation Vulnerability
Source: CCN
Type: BID-25285
Universal Ircd Server Multiple Remote Vulnerabilities
Source: CCN
Type: Xchat Web site
Xchat
Source: XF
Type: UNKNOWN
irc-multiple-command-execution(35985)
Vulnerable Configuration:
Configuration 1:
cpe:/a:irssi:irssi:*:*:*:*:*:*:*:*
(Version <= 0.8.10rc5)
Configuration CCN 1:
cpe:/a:mirc:mirc:2.49:*:*:*:*:*:*:*
AND
cpe:/o:fedoraproject:fedora_core:6:*:*:*:*:*:*:*
irssi
irssi *
mirc
mirc 2.49
fedoraproject
fedora core 6