CVE-2000-0594

BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters.

Score: 5.0
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL
Published: 2000-07-04 12:00:00.000-04
Last Modified: 2017-10-09 09:29:12.000-04

Vulnerable Software List

Vendor | Product | Versions
Freebsd | Freebsd | 3.5, 4.0
Caldera | Openlinux Ebuilder | 2.3
Caldera | Openlinux Edesktop | 2.4
Caldera | Openlinux Eserver | 2.3
Caldera | Openlinux Desktop | 2.3
Mandrakesoft | Mandrake Linux | 2007

References

Source | Link
BUGTRAQ | 20000704 BitchX exploit possibly waiting to happen, certain DoS
BUGTRAQ | 20000707 CONECTIVA LINUX SECURITY ANNOUNCEMENT - BitchX
BUGTRAQ | 20000707 BitchX update
FREEBSD | FreeBSD-SA-00:32
VULN-DEV | 20000704 BitchX /ignore bug
CALDERA | CSSA-2000-022.0
REDHAT | RHSA-2000:042
BID | 1436
XF | irc-bitchx-invite-dos(4897)