Xchat · Xchat · CVE-2003-1000
**Name of the Vulnerable Software and Affected Versions**
xchat version 2.0.6
**Description**
The issue allows remote attackers to cause a denial of service, resulting in a crash, via a passive DCC request with an invalid ID number. This action causes a null dereference.
**Recommendations**
For xchat version 2.0.6, as a temporary workaround, consider disabling the handling of passive DCC requests until a patch is available. Restrict access to the DCC functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.