CVE-2002-1486

Trillian 0.73-0.74 - Buffer Overflow via Malicious IRC Server Responses

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 5 public exploits for CVE-2002-1486. PoCs published by Lance Fitz-Herbert.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Trillian (CVE-2002-1486) by sending oversized data blocks (>4095 bytes) or malformed IRC protocol messages to crash the client. It demonstrates DoS via three attack vectors: raw IRC commands, PART messages, and large data payloads.

Description

Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service and possibly execute arbitrary code via (1) a large response from the server, (2) a JOIN with a long channel name, (3) a long "raw 221" message, (4) a PRIVMSG with a long nickname, or (5) a long response from an IDENT server.

Exploits (5)

exploitdb WORKING POC VERIFIED
by Lance Fitz-Herbert · cdoswindows
https://www.exploit-db.com/exploits/21823

This exploit targets a buffer overflow vulnerability in Trillian (CVE-2002-1486) by sending oversized data blocks (>4095 bytes) or malformed IRC protocol messages to crash the client. It demonstrates DoS via three attack vectors: raw IRC commands, PART messages, and large data payloads.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Trillian 0.74
No auth needed
Prerequisites: Network access to target's IRC port (6667) · Trillian client connected to a malicious server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Lance Fitz-Herbert · cdoswindows
https://www.exploit-db.com/exploits/21816

This exploit targets a buffer overflow vulnerability in Trillian versions 0.73 and 0.74 by sending a maliciously crafted IRC raw user mode message (221) with 251 or more bytes of data. The PoC demonstrates a denial-of-service (DoS) attack by crashing the Trillian client.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Trillian 0.73 and 0.74
No auth needed
Prerequisites: Trillian client connected to a malicious IRC server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Lance Fitz-Herbert · cdoswindows
https://www.exploit-db.com/exploits/21813

This exploit targets a buffer overflow vulnerability in Trillian IRC client versions 0.73 and 0.74 by sending a malformed JOIN command. It creates a fake IRC server to trigger the flaw, leading to a denial of service (DoS) condition.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Trillian IRC client 0.73, 0.74
No auth needed
Prerequisites: Network access to the target · Trillian client connected to the malicious server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Lance Fitz-Herbert · cremotewindows
https://www.exploit-db.com/exploits/21810

This exploit demonstrates a buffer overflow in Trillian versions .73 and .74 by sending an overly large sender name in a PRIVMSG command, leading to a denial of service. The code sets up a fake IRC server to trigger the vulnerability.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Trillian .73 and .74
No auth needed
Prerequisites: Victim must connect to the attacker's fake IRC server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Lance Fitz-Herbert · cremotewindows
https://www.exploit-db.com/exploits/21804

This exploit targets a buffer overflow vulnerability in the Trillian ident server by sending a malformed request of 500 bytes. It causes a denial of service (DoS) by crashing the client and corrupting memory, with potential for arbitrary code execution.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Trillian versions 0.73 and 0.74
No auth needed
Prerequisites: Network access to the target's ident server (port 113)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (11)

Core 11
Core References
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5777
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5769
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5765
Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10151.php
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-09/0268.html
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-09/0266.html
Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10163.php
Exploit, Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-09/0258.html
Third Party Advisory mailing-list x_refsource_ntbugtraq
http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0139.html
Third Party Advisory mailing-list x_refsource_ntbugtraq
http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0140.html
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10150.php

Scores

EPSS 0.0936
EPSS Percentile 94.7%

Details

Status published
Products (3)
cerulean_studios/trillian 0.73
cerulean_studios/trillian 0.74
cerulean_studios/trillian 0.725
Published Apr 02, 2003
Tracked Since Feb 18, 2026