← Back

Bitchx

bitchx

5 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Bitchx
bitchx
5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2007-5922
2Bitchx
Cypress
2Bitchx
Cypress
Apr 23, 2026
Nov 10, 2007
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The modules/mdop.m in the Cypress 1.0k script for BitchX, as downloaded from a distribution site in November 2007, contains an externally introduced backdoor that e-mails sensitive information (hostnames, usernames, and...Show more
The modules/mdop.m in the Cypress 1.0k script for BitchX, as downloaded from a distribution site in November 2007, contains an externally introduced backdoor that e-mails sensitive information (hostnames, usernames, and shell history) to a fixed address.Show less
CVE-2007-5839
1Bitchx
1Bitchx
Apr 23, 2026
Nov 6, 2007
N/A· v4
N/A· v3
4.6 MEDIUM· v2
The e_hostname function in commands.c in BitchX 1.1a allows local users to overwrite arbitrary files via a symlink attack on temporary files when using the (1) HOSTNAME or (2) IRCHOST command.
CVE-2007-4584
1Bitchx
1Bitchx
Apr 23, 2026
Aug 29, 2007
N/A· v4
N/A· v3
10.0 HIGH· v2
Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the p_mode variable.
CVE-2007-3360
1Bitchx
1Bitchx
Apr 23, 2026
Jun 22, 2007
N/A· v4
N/A· v3
9.3 HIGH· v2
hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook fun...Show more
hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and executes shell commands.Show less
CVE-2003-1450
1Bitchx
1Bitchx
Apr 16, 2026
Dec 31, 2003
N/A· v4
N/A· v3
5.0 MEDIUM· v2
BitchX 75p3 and 1.0c16 through 1.0c20cvs allows remote attackers to cause a denial of service (segmentation fault) via a malformed RPL_NAMREPLY numeric 353 message.