Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 28 Jul 2010 10:52:15 +0200
From: Jan Lieskovsky <>
To: "Steven M. Christey" <>
CC: oss-security <>
Subject: CVE Request -- KVIrc -- Remote CTCP commands execution via specially-crafted
 CTCP parameter

Hi Steve,

   user with nickname 'unic0rn' reported:

a deficiency in the way KVIrc IRC client extracted the "next" CTCP parameter from message
pointer. A remote, authenticated attacker, valid KVIrc user, could send a specially-crafted
DCC Client-To-Client Protocol (CTCP) message, like:

/ctcp nickname DCC GET\rQUIT\r
/ctcp nickname DCC GET\rPRIVMSG\40#channel\40:epic\40fail\r

which could lead to / allow remote (KVIrc) CTCP commands execution. Different vulnerability
than CVE-2010-2451:
and CVE-2010-2452:

Upstream patch:

Workaround: (from [1])
   /option boolNotifyFailedDccHandshakes 0


Could you please allocate a CVE id for this?

Thanks && Regards, Jan.
Jan iankko Lieskovsky / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ