Just so everyone knows, the version of xchat provided with SuSE 7.1 has been tested and is vulnerable to this attack. ========================================================================== ======= xchat 1.4.2 and 1.4.3 IRC session hijacking vulnerability ======== ========================================================================== It is possible to trick xchat IRC clients (1.4.2, 1.4.3) into sending commands to the IRC server they are on, potentially allowing for social engineering attacks, channel takeovers, and denial of service. Vendor updates for affected versions soon. http://security-archive.merton.ox.ac.uk/bugtraq-200201/0101.html </paste> Adam Daniel Technical Consultant ----------------------------------------------------------------------- FORENSIC DATA SERVICES PTY LIMITED http://www.forensicdata.com.au ------------------------------------------------------------------------ The information contained in this e-mail is confidential and is intended solely for the addressee. If you received this e-mail by mistake please notify us immediately and delete all copies of this message. You must not disclose or use in any way the information in the e-mail. It is the responsibility of the recipient to virus scan this e-mail and any attachments included.