EIP-2026-103424

PRE-CVE

BitchX 1.1-final - 'do_hook()' Remote Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103424. PoCs published by Federico L. Bossi Bonin.

AI-analyzed exploit summary This exploit targets a boundary check error in BitchX (epic) <=1.1-final's do_hook() function, causing a remote denial-of-service (DoS) via a crafted IRC message with a large integer and repeated characters. The code sets up a listener on port 6667 and sends a malformed payload to trigger the vulnerability.

Description

BitchX 1.1-final - 'do_hook()' Remote Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED

by Federico L. Bossi Bonin · cdosmultiple

https://www.exploit-db.com/exploits/1947

View Code ZIP pw:eip

This exploit targets a boundary check error in BitchX (epic) <=1.1-final's do_hook() function, causing a remote denial-of-service (DoS) via a crafted IRC message with a large integer and repeated characters. The code sets up a listener on port 6667 and sends a malformed payload to trigger the vulnerability.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: BitchX (epic) <=1.1-final

No auth needed

Prerequisites: Network access to the target's IRC port (6667)

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026