CVE-2007-1397

fish - Stack-Based Buffer Overflow in ExtractRnick and decrypt_topic_332 Functions

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-1397. PoCs published by ilja van sprundel, Caleb James DeLisle.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in FiSH IRC encryption (CVE-2007-1397) by sending a maliciously crafted PRIVMSG to a victim IRC client. The payload includes NOP sleds and shellcode to execute arbitrary code (in this case, shutting down irssi).

Description

Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote attackers to execute arbitrary code via long strings.

Exploits (2)

exploitdb WORKING POC VERIFIED
by ilja van sprundel · perldoswindows
https://www.exploit-db.com/exploits/29721

This exploit targets a buffer overflow vulnerability in FiSH IRC encryption (CVE-2007-1397) by sending a maliciously crafted PRIVMSG to a victim IRC client. The payload includes NOP sleds and shellcode to execute arbitrary code (in this case, shutting down irssi).

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: FiSH IRC encryption plugin (used with irssi)
No auth needed
Prerequisites: Victim must connect to the malicious IRC server · FiSH plugin must be loaded in the victim's IRC client
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by Caleb James DeLisle · perlremotelinux
https://www.exploit-db.com/exploits/17181

This exploit targets CVE-2007-1397, a buffer overflow in FiSH IRC encryption. It sets up a malicious IRC server on port 6667 and sends a crafted PRIVMSG containing shellcode to trigger arbitrary code execution, specifically shutting down irssi.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: FiSH IRC encryption (irssi plugin)
No auth needed
Prerequisites: Victim must connect to the malicious IRC server · FiSH plugin must be loaded in irssi
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0910
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8216
Exploit x_refsource_misc
http://blogs.23.nu/ilja/stories/14493/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22880
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24495
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32892

Scores

EPSS 0.3494
EPSS Percentile 97.1%

Details

Status published
Products (1)
fish/fish (3 CPE variants)
Published Mar 10, 2007
Tracked Since Feb 18, 2026