CVE-2007-4397
https://notcve.org/view.php?id=CVE-2007-4397
Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-info script 1.0, (6) XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file. Múltiples vulnerabilidades de inyección CRLF en (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-info script 1.0, (6) XChat-XMMS 0.8.1, y otras secuencias de comandos no especificadas para XChat permite a atacantes remotos con la intervención del usuario ejecutar comandos IRC de su elección a través de secuencias CRLF en el nombre de la canción en un archivo .mp3. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065227.html http://osvdb.org/39574 http://osvdb.org/39575 http://secunia.com/advisories/26454 http://secunia.com/advisories/26455 http://secunia.com/advisories/26484 http://secunia.com/advisories/26485 http://secunia.com/advisories/26486 http://secunia.com/advisories/26487 http://secunia.com/advisories/26488 http://securityreason.com/securityalert/3036 http://wouter.coekaerts.be/site/security/nowplaying http:/ •
CVE-2007-4398
https://notcve.org/view.php?id=CVE-2007-4398
Multiple CRLF injection vulnerabilities in the (1) now-playing.rb and (2) xmms.pl 1.1 scripts for WeeChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file. Múltiples vulnerabilidades de inyección CRLF en las secuencias de comandos (1) now-playing.rb y (2) xmms.pl 1.1 para WeeChat permiten a atacantes remotos asistidos por usuario ejecutar comandos IRC arbitrarios a través de secuencias CRLF en el nombre de la canción en un archivo .mp3. • http://git.sv.gnu.org/gitweb/?p=weechat/scripts.git%3Ba=commit%3Bh=7429c29a2fab6d7493c0188b5f631a7c2ae1533d http://git.sv.gnu.org/gitweb/?p=weechat/scripts.git%3Ba=commit%3Bh=76f7f7b502352ba2b823e3388a2ca88840fd1945 http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065227.html http://osvdb.org/39564 http://osvdb.org/39565 http://secunia.com/advisories/26457 http://secunia.com/advisories/26490 http://securityreason.com/securityalert/3036 http://wouter.coekaerts.be/site/security/nowplaying •
CVE-2006-0458
https://notcve.org/view.php?id=CVE-2006-0458
The DCC ACCEPT command handler in irssi before 0.8.9+0.8.10rc5-0ubuntu4.1 in Ubuntu Linux, and possibly other distributions, allows remote attackers to cause a denial of service (application crash) via certain crafted arguments in a DCC command. • http://secunia.com/advisories/19090 http://www.securityfocus.com/bid/16913 https://exchange.xforce.ibmcloud.com/vulnerabilities/25147 https://usn.ubuntu.com/259-1 •
CVE-2003-1020
https://notcve.org/view.php?id=CVE-2003-1020
The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash). La función format_send_to_gui en formats.c en irssi anteriores a 0.8.9 permite a usuarios IRC remotos causar una denegación de servicio (caída) • http://www.mandriva.com/security/advisories?name=MDKSA-2003:117 http://www.securityfocus.com/archive/1/347218 https://exchange.xforce.ibmcloud.com/vulnerabilities/13973 •
CVE-2002-1840
https://notcve.org/view.php?id=CVE-2002-1840
irssi IRC client 0.8.4, when downloaded after 14-March-2002, could contain a backdoor in the configuration file, which allows remote attackers to access the system. • http://online.securityfocus.com/archive/1/274132 http://real.irssi.org/?page=backdoor http://www.iss.net/security_center/static/9176.php http://www.securityfocus.com/bid/4831 •