[16331] in bugtraq


Re: XChat URL Handler bug affects v1.3.9 up

daemon@ATHENA.MIT.EDU (chrome)
Mon Aug 21 17:19:13 2000

MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID:  <Pine.LNX.4.21.0008201906490.1925-100000@slackers.darktech.org>
Date:         Sun, 20 Aug 2000 19:10:43 -0700
Reply-To: chrome <chrome@ELLTEL.NET>
From: chrome <chrome@ELLTEL.NET>
X-To:         zenith parsec <zenith_parsec@THE-ASTRONAUT.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <20000818184135.3047.qmail@fiver.freemessage.com>

Verified bug exists on [x]chat 1.5.5.

Later,
c.t.
| chromium tensility ; chrome@elltel.net ; another linux guru in training |
| kthulhu & co. went to yuggoth, and all i got was this lousy sig ; fn0rd |

On Fri, 18 Aug 2000, zenith parsec wrote:

>in my previous post i mentioned that all versions of XChat < 1.4.2 were
>potentially vulnerable to commands embedded in URLs by backticking.
>after some more research and looking at stuff on the net,
>(http://www.xchat.org/changelog.txt)
>it seems that this bug will only affect XChat versions
>1.3.9 and above, up to and including 1.4.2 (the devel
>series may also be vulnerable, as there is no mention on the changelog page
>of this bug.) (release 1.3.9 was the first to have editable URL handlers,
>which seem to be the cause.)
>
>(version 1.2.1 of xchat does not appear to be vulnerable.)
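
Added example, not part of the original posts and not XChat source: a sketch of launching a user-editable URL handler without a shell, so that backticks in a clicked URL stay literal text. It assumes the handler setting is a whitespace-separated command template with a "%s" placeholder; the template form, the function names and the sample URL are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define MAX_ARGS 16

/* Returns 1 if the URL carries a shell command-substitution marker
 * (backtick or "$("); useful for logging or rejecting suspicious URLs. */
int url_has_cmd_subst(const char *url)
{
    return strchr(url, '`') != NULL || strstr(url, "$(") != NULL;
}

/* Split a handler template (hypothetical form: "browser --flag %s") on
 * whitespace and substitute the URL for a token that is exactly "%s".
 * The URL stays a single argv element and is never parsed by a shell.
 * tmpl is modified in place. Returns argc, or -1 on error. */
int build_argv(char *tmpl, const char *url, const char **argv, int max)
{
    int argc = 0, used = 0;
    char *tok;

    for (tok = strtok(tmpl, " \t"); tok != NULL; tok = strtok(NULL, " \t")) {
        if (argc >= max - 1)
            return -1;                 /* keep room for the NULL terminator */
        if (strcmp(tok, "%s") == 0) {
            argv[argc++] = url;
            used = 1;
        } else {
            argv[argc++] = tok;
        }
    }
    argv[argc] = NULL;
    return (argc > 0 && used) ? argc : -1;
}

int main(void)
{
    char tmpl[] = "browser --new-window %s";        /* constructed setting */
    const char *url = "http://example.test/`id`";   /* constructed input */
    const char *argv[MAX_ARGS];
    int argc = build_argv(tmpl, url, argv, MAX_ARGS);

    printf("command substitution marker present: %d\n", url_has_cmd_subst(url));
    for (int i = 0; i < argc; i++)
        printf("argv[%d] = [%s]\n", i, argv[i]);
    /* A caller would now fork() and execvp(argv[0], (char *const *)argv). */
    return 0;
}
```

Passing the resulting vector to execvp() rather than handing a pasted-together string to system() or "sh -c" is what keeps the URL from being interpreted.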
