CVE-2007-3360

Publication date 22 June 2007

Last updated 24 July 2024

Ubuntu priority

hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and executes shell commands.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
ircii-pana	7.04 feisty	Fixed 1:1.1-4ubuntu2.1
	6.10 edgy	Fixed 1:1.1-4ubuntu1.1
	6.06 LTS dapper	Fixed 1:1.1-4ubuntu0.1

How can I get the fixes?
What do statuses mean?

Notes

jdstrand

debdiff in LP

References

MITRE
NVD
Launchpad
Debian

Other references

https://bugs.launchpad.net/ubuntu/+source/ircii-pana/+bug/129771
https://www.cve.org/CVERecord?id=CVE-2007-3360