Bugtraq mailing list archives
Re: Re: XChat 2.8.4-1 - Multiple Vulnerabilities
From: omnipresent () email it
Date: 29 Mar 2008 17:41:01 -0000
1) Password disclosure What priviledges on the system do you need to >read that process memory? With such priviledges, why don't you read the >data directly from the config file?
You can try to use the evil's ProcessMemoryDumper. I dumped (and I've obtained user password) the memory from a limited User.
2) Local Dos Is the build unoficial/unsupported from the XChat >team? Does the same bug exists in the official builds?
I've not tested the Official release.
You talk about a local dos.. how can a user access >the tray icon of another user to trigger the crash?
The "bug" was found while I was working in a VPN.. Regards.
Current thread:
- XChat 2.8.4-1 - Multiple Vulnerabilities evilcry (Mar 28)
- <Possible follow-ups>
- Re: XChat 2.8.4-1 - Multiple Vulnerabilities fabio (Mar 28)
- Re: Re: XChat 2.8.4-1 - Multiple Vulnerabilities omnipresent (Mar 31)