Description
XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set.
Exploits (1)
exploitdb · WRITEUP · VERIFIED
by Marcus Meissner · text · remote · linux
https://www.exploit-db.com/exploits/21210
References (7)
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_xf): https://exchange.xforce.ibmcloud.com/vulnerabilities/7856
Vendor Advisory (vendor-advisory, x_refsource_conectiva): http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000453
Patch, Vendor Advisory (vendor-advisory, x_refsource_debian): http://www.debian.org/security/2002/dsa-099
Vendor Advisory (vendor-advisory, x_refsource_redhat): http://rhn.redhat.com/errata/RHSA-2002-005.html
Third Party Advisory, VDB Entry (vendor-advisory, x_refsource_hp): http://online.securityfocus.com/advisories/3806
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/3830
Mailing List (mailing-list, x_refsource_bugtraq): http://marc.info/?l=bugtraq&m=101060676210255&w=2
Scores
EPSS: 0.0863
EPSS Percentile: 92.5%
Details
Status: published
Products (2)
xchat/xchat 1.4.2
xchat/xchat 1.4.3
Published: Jun 25, 2002
Tracked Since: Feb 18, 2026