Vulnerability in xchat when associated with Netscape (or without).
[edited]
From: zenith parsec <[EMAIL PROTECTED]>
Subject: XChat URL handler vulnerability
Date: 18 Aug 2000 08:28:18 +0200
Message-ID: <[EMAIL PROTECTED]>
[ ... ]
X-Chat has a feature which allows execution of code remotely
with the permissions of the user running it. (affects at least
versions <1.4.2, probably all versions.)
The hole is in the URL Handler section:
Netscape (Existing)
causes XChat to run the command
netscape -remote 'openURL(%s)'
where the %s is replaced by the selected URL
eg: http://homepages.ihug.co.nz/~Sneuro/
causes the command
netscape -remote 'openURL(http://homepages.ihug.co.nz/~Sneuro/)'
which opens that page.
Netscape (Run New)
causes XChat to run the command
netscape %s
and so on.
[ ... ]
--
To post an announcement: [EMAIL PROTECTED]
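
A hardened form of the two handlers quoted in the post, added here as an example; it is not code from the post or from X-Chat. It assumes the expanded handler string is otherwise handed to a shell (the post's elided part is not reproduced); the function names and the scheme and character allowlists are hypothetical choices.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Added example, not X-Chat source. Returns 1 if the URL may be passed on. */
int url_is_safe(const char *url)
{
    /* Require a known scheme so the value can never be read as an option. */
    if (strncmp(url, "http://", 7) != 0 && strncmp(url, "https://", 8) != 0 &&
        strncmp(url, "ftp://", 6) != 0)
        return 0;
    /* Allowlist: excludes quotes, whitespace and the ( ) , that openURL() parses. */
    for (const unsigned char *p = (const unsigned char *)url; *p; p++)
        if (!isalnum(*p) && !strchr("-._~:/?#@%+=&", *p))
            return 0;
    return 1;
}

/* Fills argv[] for execvp(): the URL stays inside one argument and no shell
   ever parses it. Returns the argument count, or -1 if the URL is rejected. */
int build_handler_argv(const char *url, int run_new, char *buf, size_t buflen,
                       const char *argv[4])
{
    int n = 0;
    if (!url_is_safe(url))
        return -1;
    argv[n++] = "netscape";
    if (run_new) {                      /* "Netscape (Run New)": netscape %s */
        argv[n++] = url;
    } else {                            /* "Netscape (Existing)" */
        if ((size_t)snprintf(buf, buflen, "openURL(%s)", url) >= buflen)
            return -1;                  /* would not fit: refuse, never truncate */
        argv[n++] = "-remote";
        argv[n++] = buf;
    }
    argv[n] = NULL;
    return n;
}

int main(void)
{
    /* Constructed inputs: the URL from the post, and one containing a quote. */
    const char *s[] = { "http://homepages.ihug.co.nz/~Sneuro/", "http://example.invalid/a'b" };
    const char *argv[4];
    char buf[256];
    for (int i = 0; i < 2; i++)
        printf("%s -> %d\n", s[i], build_handler_argv(s[i], 0, buf, sizeof buf, argv));
    return 0;
}
```

The resulting argv is meant for execvp() after fork(), so the selected URL is never re-parsed as part of a command line.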