Bug 159566 - CAN-2004-0409 XChat buffer overflow in socks5 proxy
Status: CLOSED ERRATA
Product: Fedora Legacy
Classification: Retired
Component: xchat
Version: fc1
Hardware: All Linux
Priority: medium, Severity: medium
Assigned To: Fedora Legacy Bugs
Whiteboard: LEGACY, 1, 2
Keywords: Security
Duplicates: 123013
Reported: 2005-06-04 11:28 EDT by Marc Deslauriers
Modified: 2007-04-18 13:27 EDT (History)
Doc Type: Bug Fix
Last Closed: 2005-11-14 19:53:36 EST
Description Marc Deslauriers 2005-06-04 11:28:23 EDT
+++ This bug was initially created as a clone of Bug #123013 +++

A flaw in XChat's Socks-5 proxy code could allow arbitrary code
execution.  To exploit this flaw an attacker would need to create a
malicious socks-5 proxy that the victim connects to.

This issue was public on Mon, 5 Apr 2004

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0409 links to
http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html for 
more information.

"XChat's Socks-5 proxy code is vulnerable to a remote exploit. To
successfully exploit the code, you would need to enable socks5 
traversal (default off) and connect to the attacker's own custom
proxy server.

"If you never intend to use a Socks5 proxy, you are not affected at
all by this issue."

      CAN-2004-0409 Affects: FC1
      CAN-2004-0409 Affects: FC2
Comment 1 Marc Deslauriers 2005-06-04 11:29:08 EDT
This never got fixed for FC1
Comment 2 Marc Deslauriers 2005-06-11 11:50:38 EDT
Here are updated xchat packages to QA for fc1:

Changelog:
* Sat Jun 11 2005 Marc Deslauriers <marcdeslauriers@videotron.ca> 1:2.0.7-1.FC1.1.legacy
- Added patch to fix CAN-2004-0409

042ab65aa0668e13877be78d24043149852ab4a9  xchat-2.0.7-1.FC1.1.legacy.i386.rpm
4143e1224d499db9b424b60817bf76b7b985405f  xchat-2.0.7-1.FC1.1.legacy.src.rpm

http://www.infostrategique.com/linuxrpms/legacy/1/xchat-2.0.7-1.FC1.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/xchat-2.0.7-1.FC1.1.legacy.src.rpm


Comment 3 Pekka Savola 2005-06-13 08:09:56 EDT
QA w/ rpm-build-compare.sh:
 - spec file changes minimal
 - source integrity good
 - patch verified to be identical with minor edits from RHEL3
 
+PUBLISH FC1
 
4143e1224d499db9b424b60817bf76b7b985405f  xchat-2.0.7-1.FC1.1.legacy.src.rpm
Comment 4 Marc Deslauriers 2005-06-19 11:15:57 EDT
Packages were pushed to updates-testing
Comment 5 Pekka Savola 2005-06-29 05:11:07 EDT
Let's just track the two bugs in one bug number, I'll mark the other as a
duplicate..
Comment 6 Pekka Savola 2005-06-29 05:12:27 EDT
*** Bug 123013 has been marked as a duplicate of this bug. ***
Comment 7 David Eisenstein 2005-09-04 06:13:21 EDT
Verifying FC1 package:

http://download.fedoralegacy.org/fedora/1/updates-testing/i386/

949871bada73a7e47b412e04b296fb8e661a6889  xchat-2.0.7-1.FC1.1.legacy.i386.rpm

  - sha1sums fine, package pgp signatures fine
  - installs fine.
  - works great
  - Don't have a socks5 proxy handy, so cannot test socks5 functionality.

  FC1 VERIFY+

Comment 8 Pekka Savola 2005-09-04 11:23:55 EDT
Thanks!
Comment 9 David Eisenstein 2005-09-04 23:22:36 EDT
You're welcome!  :-)
Comment 10 David Eisenstein 2005-10-03 07:42:58 EDT
Looks like this has timed out.
Comment 11 Pekka Savola 2005-10-05 01:52:47 EDT
Yup..
Comment 12 Marc Deslauriers 2005-11-14 19:53:36 EST
Packages were released
