[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <46C6071A.80403@infiltrated.net>
Date: Fri, 17 Aug 2007 16:37:46 -0400
From: "J. Oquendo" <sil@...iltrated.net>
To: Danslo@...oo.com
Cc: bugtraq@...urityfocus.com
Subject: Re: Cross Platform remote IM vulnerability / DOS
Danslo@...oo.com wrote:
> At the least this causes the other machine to send out more packets than the average user may have known of, with a little thinking and just as much resources this could be used as a distributed denial of service attack.
Funny, don't even know why I wasted time with this but here goes... Sent
the message to a coworker of mine who just installed Pidgin and he
received the message just fine. Which (if any) off the record plugins
were used (http://www.cypherpunks.ca/otr/)
> On the current version of pidgin when this was tested on several OS's it often froze up the targets IM window for the duration of the attack and sometimes the entire system performance suffers. While the attack was being performed the IM window is non-usable.
What versions of operating systems to and from?
> Discovered by Dan Shinn <danslo@...oo.com>
> Testing by Rick Russel <noneck.net>
Sorry to be the spoiled sport/PITA/luzer,/insert-degrading-term-here,
to point this out to you but there is not even a remote portion of a
cross platform DoS that comes to mind with this. What DOES come to mind
is a misconfigured client on one end likely trying to start an off the
record IM session with a client without the software causing nothing to
show up.
Have the (so called) affected machine install OTR then come back with
your findings. Also include operating systems on both ends e.g.:
While sending x message using Pidgin with my Windows Version X to a
friend who was using Pidgin version x on a Windows Version X machine, I
noticed the like OMFG I DoS'd him. You'll likely find a bigger response
to your problem. This does not sound like a multiplatform DoS to me but
more of an ID 10 T error commonly seen. (These are usually associated
with PEBKAC issues).
I tried to convince my coworker his IM Client crashed but he quickly
messaged me back that it didn't. Even after I tried sending a quick
while script * 6k messages per second, he still responded back. Kind of
like that Verizon interweb Yes video. "Yes... Yes... Yes..."
--
====================================================
J. Oquendo
"Excusatio non petita, accusatio manifesta"
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E
sil . infiltrated @ net http://www.infiltrated.net
Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (5157 bytes)
Powered by blists - more mailing lists