![]() When a certain string is appended to the topic, irssi will crash resulting in a denial of service. ![]() The vulnerability occurs when a user attempts to join a channel that has an overly long topic description. * irssi version 0.8.4 Long Malformed Topic Denial Of Service Vulnerability Credit: Discovery of this issue is credited to Ripe ( ) irssi is prone to a denial of service condition when a user joins a channel with a long, malformed topic. ![]() IrcII version 5.0.0 / 5.3.12 Bug 1: Sending a Invite with the parameters %s %n the program will crash Exploit: /.invite $nick $chan($chan(0) - 1) %s %n Unknown Other web mail services may also be vulnerable, although this has not been confirmed. It has been reported that it is possible to gain access to Hotmail accounts through information contained in these files. Under some circumstances, these files may contain sensitive information, including authentication credentials. ![]() When Gaim is used to check web mail on startup, world readable files are created in /tmp. Gaim runs on a number of Unix-based platforms, including Linux. * Gaim version 0.56 / 0.57 Sensitive World Readable Temporary File Vulnerability Credit: Discovery of this issue is credited to Scott Mackenzie ( ) Gaim is a chat client which supports AOL Instant Messenger, ICQ, MSN Instant Messenger, Yahoo Instant Messenger, Jabber and IRC. UnknownīitchX version 75.Op1 / 75.Op3 / 1.0c16 Bug 1: Sending a Invite with the parameters %s %n the program will crash Exploit: /.invite $nick $chan($chan(0) - 1) %s %n Unknown A maliciously formatted message may overflow this buffer and execute arbitrary code as the IRCIT client. When a INVITE message is received, the supplied from user data is copied into a fixed buffer of length MAXHOSTLEN. IRCIT contains a remote buffer overflow vulnerability. * Ayman Akt IRCIT version 0.3.1 Invite Message Remote Buffer Overflow Vulnerability Credit: Published by ( ) IRCIT is a terminal based IRC client for Linux and Unix systems.
0 Comments
Leave a Reply. |