VULHUB ™

A vulnerability has been reported in Roger Wilco. The problem occurs due to the client failing to carry out sufficient bounds checking before copying nicknames into memory. As a result, an attacker using a malformed Roger Wilco client may be capable of triggering a buffer overrun within the client of a user connected to the same server. This could potentially be exploited to corrupt sensitive stack variables such as a saved return address or function pointer. This would ultimately result in the execution of attacker-supplied code within the client of an affected user. It has been discovered that Roger Wilco 1.4.1.2 is in fact still vulnerable to this issue.

A vulnerability has been reported in Roger Wilco. The problem occurs due to the client failing to carry out sufficient bounds checking before copying nicknames into memory. As a result, an attacker using a malformed Roger Wilco client may be capable of triggering a buffer overrun within the client of a user connected to the same server. This could potentially be exploited to corrupt sensitive stack variables such as a saved return address or function pointer. This would ultimately result in the execution of attacker-supplied code within the client of an affected user. It has been discovered that Roger Wilco 1.4.1.2 is in fact still vulnerable to this issue.