CVE-2006-4455

Xchat < 2.6.7 - Denial of Service

Title source: rule

Description

Unspecified vulnerability in Xchat 2.6.7 and earlier allows remote attackers to cause a denial of service (crash) via unspecified vectors involving the PRIVMSG command. NOTE: the vendor has disputed this vulnerability, stating that it does not affect 2.6.7 "or any recent version"

Exploits (2)

exploitdb WORKING POC VERIFIED

by ratboy · phpdoswindows

https://www.exploit-db.com/exploits/2124

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Elo · perldoswindows

https://www.exploit-db.com/exploits/2147

View Code ZIP pw:eip

References (8)

[Various Sources] http://forum.xchat.org/viewtopic.php?t=2918

[Mailing List] http://marc.info/?l=bugtraq&m=115523184321922&w=2

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/28325

[Various Sources] http://www.xchat.org/

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/19398

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/2124

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/2147

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1016687

Scores

EPSS 0.4751

EPSS Percentile 97.6%

Classification

Status draft

Affected Products (1)

xchat/xchat < 2.6.7

Timeline

Published Aug 30, 2006

Tracked Since Feb 18, 2026