| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <000001c6fd1d$09c963f0$6502a8c0@zionsecutiy> Date: Tue, 31 Oct 2006 18:25:13 +0200 From: "LegendaryZion" <moskito@...le.net.il> To: <bugs@...uritytracker.com>, "BugTraq" <bugtraq@...urityfocus.com>, <news@...uriteam.com>, <full-disclosure@...ts.grok.org.uk> Subject: Local Heap OverFlow Vulnerability in "Answering Service" of Icq ·= Security Advisory =· Issue: Local Heap OverFlow Vulnerability in "Answering Service" of Icq. Discovered Date: 09/08/2006 Author: Tal Argoni, LegendaryZion. [talargoni at gmail.com] Product Vendor: http://www.Icq.com Details: Icq 2003 client is prone to a Local Heap OverFlow Vulnerability. The vulnerability exists in "Answering Service" function, because lack of boundary testing. Usage: Open the key: HKLM\Software\Mirabilis\ICQ\ICQPro\DefaultPrefs\Presets Edit the value: AwayMsg Presets [#] Add 501 bytes string value. Open icq. Change the away to the one you have audit above and the icq client crash. Tested on Icq 2003b 3916 Thanks, Tal Argoni, CEH www.zion-security.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists