Melocene

**Name of the Vulnerable Software and Affected Versions** Halloy versions prior to commit 0f77b2cfc5f822517a256ea5a4b94bad8bfe38b6 **Description** Halloy, an IRC application written in Rust, had a flaw in its DCC receive flow. Before commit 0f77b2cfc5f822517a256ea5a4b94bad8bfe38b6, filenames received through `DCC SEND` requests were not properly sanitized. This allowed a remote IRC user to potentially write files outside the user’s designated `save directory` by crafting filenames with path traversal sequences, such as `../../.ssh/authorized keys`. If auto-accept was enabled, this could occur without any interaction from the victim. The issue stemmed from a lack of filename sanitization during the DCC receive process. **Recommendations** Update Halloy to a version with commit 0f77b2cfc5f822517a256ea5a4b94bad8bfe38b6 or later.

**Name of the Vulnerable Software and Affected Versions** Halloy versions prior to commit f180e41061db393acf65bc99f5c5e7397586d9cb **Description** Halloy, an IRC application written in Rust, improperly manages file permissions when creating its configuration directory and files on *nix and macOS systems. Specifically, the application uses default umask permissions, resulting in `0644` for files and `0755` for directories. This allows any local user on the system to read sensitive information, including plaintext credentials, stored in the `config.toml` file or referenced within `password file` paths. **Recommendations** Update to a version with commit f180e41061db393acf65bc99f5c5e7397586d9cb or later.