Bugtraq mailing list archives
Re: MDKSA-2000:039 - xchat update
From: Joey Hess <joey () KITENET NET>
Date: Fri, 25 Aug 2000 20:22:05 -0700
Package: xchat
Version: 1.4.2-1.1
Severity: important

Signal 11 wrote:
> Just to chime in here, for distributions who haven't released an update
> the source for 1.4.2 is available on the author's website here for the
> impatient: http://xchat.linuxpower.org/index.html
>
> I checked, and the latest stable release of debian is not vulnerable
> (See http://www.debian.org/Packages/stable/net/ )
Actually it is. The "netscape (existing)" and "netscape (new window)" menu entries are safe, but other menu entries (I tried the one for lynx) do expose the url to the shell.

By the way, a way to exploit this that's not too blatant, if you don't mind just DOS-ing the victim, is something like http://drugs.org/just/say/`yes` (warning, following said url in xchat will eat all memory you are allowed to eat on your system, and thus tends to crash poorly-configured linux systems).

--
see shy jo
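The mitigation for the exposure described in this message, as an added example (not code from xchat, the Debian package, or any poster in this thread): the URL becomes a single argv element and the handler is started with execvp, so no shell ever parses it. The "handler %s" template format, the function names and the example.invalid URL are assumptions made for the illustration.

```c
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define MAX_ARGS 16

/* Split a handler template such as "lynx %s" on spaces and put the URL in
 * place of the stand-alone "%s" token as ONE argv element. No shell parses
 * the result, so backticks, $(), ; and | in the URL stay literal bytes.
 * Returns argc, or -1 on error. Template quoting is not supported. */
int build_argv(char *tmpl, const char *url, char *argv[MAX_ARGS + 1])
{
    int argc = 0, substituted = 0;
    if (url[0] == '-') return -1;   /* would be read as an option */
    for (char *tok = strtok(tmpl, " "); tok; tok = strtok(NULL, " ")) {
        int is_url = strcmp(tok, "%s") == 0;
        if (argc == MAX_ARGS) return -1;
        argv[argc++] = is_url ? (char *)url : tok;
        substituted |= is_url;
    }
    argv[argc] = NULL;
    return (argc > 1 && substituted) ? argc : -1;
}

/* Start the handler with fork/execvp instead of system() or "sh -c".
 * Returns the child's exit status, or -1 on failure. */
int launch_handler(const char *tmpl, const char *url)
{
    char buf[256], *argv[MAX_ARGS + 1];
    int status;
    if (strlen(tmpl) >= sizeof buf) return -1;
    strcpy(buf, tmpl);
    if (build_argv(buf, url, argv) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execvp(argv[0], argv);
        _exit(127);                 /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed URL; "echo" stands in for the browser. */
    return launch_handler("echo %s", "http://example.invalid/just/say/`id`");
}
```

The leading '-' check covers a second problem that remains once the shell is out of the path: a "URL" the handler would read as a command-line option.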