наткнулся на уязвимось ее описания не было на форуме, потому выложу ЧАТ CGI:IRC client.c Buffer Overflow Vulnerability ============================= Release Date: 2006-05-02 Last Update: 2006-05-04 Description: A vulnerability has been reported in CGI:IRC, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to an error in client.c within the handling of the received cookie value. This can be exploited to cause a buffer overflow and may allow arbitrary code execution. The vulnerability has been reported in version 0.5.7. Prior versions may also be affected. Solution: Update to version 0.5.8. =========================== Вот код патчей http://cvs.cgiirc.org/chngview?cn=283 http://cvs.cgiirc.org/chngview?cn=263 Я еще поразбираюсь...,, но может у кго-то есть уже готовый exploit.
