CVE-2013-7449
https://notcve.org/view.php?id=CVE-2013-7449
The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. La función ssl_do_connect en common/server.c en HexChat en versiones anteriores a 2.10.2, XChat y XChat-GNOME no verifica que el nombre de host del servidor coincide con un nombre de dominio en el certificado X.509, lo que permite a atacantes man-in-the-middle suplantar servidores SSL a través de un certificado válido arbitrario. • http://hexchat.readthedocs.org/en/latest/changelog.html http://www.ubuntu.com/usn/USN-2945-1 https://bugzilla.redhat.com/show_bug.cgi?id=1081839 https://github.com/hexchat/hexchat/commit/c9b63f7f9be01692b03fa15275135a4910a7e02d https://github.com/hexchat/hexchat/issues/524 • CWE-310: Cryptographic Issues •
CVE-2016-2233 – Hexchat IRC Client 2.11.0 - CAP LS Handling Buffer Overflow
https://notcve.org/view.php?id=CVE-2016-2233
Stack-based buffer overflow in the inbound_cap_ls function in common/inbound.c in HexChat 2.10.2 allows remote IRC servers to cause a denial of service (crash) via a large number of options in a CAP LS message. Desbordamiento de búfer basado en pila en la función inbound_cap_ls en common/inbound.c en HexChat 2.10.2 permite a servidores IRC remotos provocar una denegación de servicio (caída) a través un gran número de opciones en un mensaje CAP LS. Hexchat IRC client version 2.11.0 suffers from a stack buffer overflow vulnerability. • https://www.exploit-db.com/exploits/39657 https://github.com/fath0218/CVE-2016-2233 http://packetstormsecurity.com/files/136563/Hexchat-IRC-Client-2.11.0-CAP-LS-Handling-Buffer-Overflow.html http://www.securityfocus.com/bid/95920 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-2087 – Hexchat IRC Client 2.11.0 - Directory Traversal
https://notcve.org/view.php?id=CVE-2016-2087
Directory traversal vulnerability in the client in HexChat 2.11.0 allows remote IRC servers to read or modify arbitrary files via a .. (dot dot) in the server name. Vulnerabilidad de salto de directorio en el cliente en HexChat 2.11.0 permite a servidores IRC remotos leer o modificar archivos arbitrarios a través de un .. (punto punto) en el nombre del servidor. Hexchat IRC client version 2.11.0 suffers from a directory traversal vulnerability. • https://www.exploit-db.com/exploits/39656 http://packetstormsecurity.com/files/136564/Hexchat-IRC-Client-2.11.0-Directory-Traversal.html http://www.securityfocus.com/bid/95881 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •