Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the p_mode variable.

hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and executes shell commands.