Bug 184575 - net-irc/xchat security flaw in new scrollback/text replay feature when joining channels with a slash
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High trivial
Assignee: Gentoo Security
Whiteboard: ~? [noglsa]
Reported: 2007-07-08 09:29 UTC by Vincent Pit
Modified: 2007-07-15 14:18 UTC

Description Vincent Pit 2007-07-08 09:29:58 UTC
The new text replay feature of xchat 2.8.4 doesn't handle the slashes in channel names when it creates its directories. This could lead to malicious remote deletion of data.

Reproducible: Always

Steps to Reproduce:
With 2.8.4:
1. Enable text replay by typing /set text_replay 1
2. Join #foo/bar on any server
3. Check ~/.xchat2/scrollback

Actual Results:  
This creates the file ~/.xchat2/scrollback/Network/foo/bar.txt


The xchat author provided a patch to fix this: http://xchat.org/files/source/2.8/patches/xc284-scrollbmkdir.diff
Like for the regular logs, slashes will be turned into underscores.
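
The fix described above (slashes in a channel name become underscores before the scrollback path is built), as an added C example that is not part of the original report or the xchat patch. The function names and the `scrollback` base directory are hypothetical, and the handling of `.` and `..` goes beyond what the report describes.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: copy `name` into `out`, replacing every '/' with '_'
 * so the result is always a single path component.
 * Returns 0 on success, -1 if the name is empty or does not fit. */
int sanitize_component(const char *name, char *out, size_t outlen)
{
    size_t n = strlen(name);
    if (n == 0 || n >= outlen)
        return -1;
    for (size_t i = 0; i < n; i++)
        out[i] = (name[i] == '/') ? '_' : name[i];
    out[n] = '\0';
    /* Extra hardening (assumption, not from the report): "." and ".."
     * contain no slash but still must not be used as a directory name. */
    if (strcmp(out, ".") == 0 || strcmp(out, "..") == 0)
        out[0] = '_';
    return 0;
}

/* Build "<base>/<network>/<channel>.txt" from server-supplied names.
 * Returns 0 on success, -1 on a bad name or if `out` is too small. */
int scrollback_path(const char *base, const char *network,
                    const char *channel, char *out, size_t outlen)
{
    char net[256], chan[256];
    if (sanitize_component(network, net, sizeof net) != 0 ||
        sanitize_component(channel, chan, sizeof chan) != 0)
        return -1;
    int w = snprintf(out, outlen, "%s/%s/%s.txt", base, net, chan);
    return (w < 0 || (size_t)w >= outlen) ? -1 : 0;
}

int main(void)
{
    /* Constructed sample inputs; the first is the channel from the report. */
    const char *chans[] = { "#foo/bar", "#../../notes", "#plain" };
    char path[1024];
    for (size_t i = 0; i < sizeof chans / sizeof chans[0]; i++)
        if (scrollback_path("scrollback", "Network", chans[i],
                            path, sizeof path) == 0)
            printf("%-14s -> %s\n", chans[i], path);
    return 0;
}
```
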
Comment 1 Raúl Porcel (RETIRED) gentoo-dev 2007-07-15 11:38:00 UTC
xchat-2.8.4 is not stable and 2.8.2 is not affected.

Added the patch to xchat-2.8.4-r1, but actual stable is not affected, so, security, it's up to you.
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-07-15 14:18:51 UTC
Thx Armin76.

Closing with NO GLSA since no stable versions are affected.