CVE-2002-1487

Trillian 0.73-0.74 - Denial of Service via Malicious IRC Server Messages

Exploitation Summary

EIP tracks 2 public exploits for CVE-2002-1487. PoCs published by l0bstah, Lance Fitz-Herbert.

AI-analyzed exploit summary: This exploit targets a denial-of-service (DoS) vulnerability in Trillian 0.7*(d patch) by sending oversized NOTICE messages to an IRC server, causing a crash. The code establishes a connection, logs in, and repeatedly sends malformed data exceeding the IRC protocol's 510-character limit.

Description

The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service (crash) by sending the raw messages (1) 206, (2) 211, (3) 213, (4) 214, (5) 215, (6) 217, (7) 218, (8) 243, (9) 302, (10) 317, (11) 324, (12) 332, (13) 333, (14) 352, and (15) 367.

Exploits (2)

exploitdb WORKING POC VERIFIED
by l0bstah · c · dos · windows
https://www.exploit-db.com/exploits/73

This exploit targets a denial-of-service (DoS) vulnerability in Trillian 0.7*(d patch) by sending oversized NOTICE messages to an IRC server, causing a crash. The code establishes a connection, logs in, and repeatedly sends malformed data exceeding the IRC protocol's 510-character limit.

Classification: Working PoC 95%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Trillian 0.7*(d patch)
No auth needed
Prerequisites: Network access to the target IRC server · Target must be running vulnerable Trillian version
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by Lance Fitz-Herbert · c · dos · windows
https://www.exploit-db.com/exploits/21819

This exploit demonstrates a denial-of-service (DoS) vulnerability in the Trillian IRC client by sending malformed IRC raw messages or oversized data payloads. It binds to port 6667 and sends crafted payloads to trigger crashes in vulnerable Trillian versions.

Classification: Working PoC 95%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Trillian IRC client version 0.74
No auth needed
Prerequisites: Network access to the target's IRC client · Target must connect to the attacker's malicious IRC server
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-09/0268.html
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5775
Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10161.php

Scores

EPSS 0.1364
EPSS Percentile 96.0%

Details

Status published
Products (1)
cerulean_studios/trillian 0.74
Published Apr 02, 2003
Tracked Since Feb 18, 2026