CVE-2003-0321

Name of the Vulnerable Software and Affected Versions: BitchX IRC client versions 1.0-0c19 and earlier

Description: The issue is related to multiple buffer overflows that can be triggered by remote malicious IRC servers. These overflows occur when the client encounters long hostnames, nicknames, or channel names that are not properly handled by certain functions, including send ctcp, cannot join channel, cluster, BX compress modes, handle oper vision, and ban it. This can lead to a denial of service (crash) and potentially allow the execution of arbitrary code.

Recommendations: For BitchX IRC client versions 1.0-0c19 and earlier, consider disabling the functions send ctcp, cannot join channel, cluster, BX compress modes, handle oper vision, and ban it as a temporary workaround until a patch is available. Restrict access to the client to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.