Re: mIRC Buffer Overflow

From: Krish Ahya (Krishat_private)
Date: Sun Feb 03 2002 - 13:51:10 PST


    Hi,
    
    Why would you release an exploit for this hole if currently there are no
    security patches for it? Do you know how many people run mIRC? Most of whom
    know nothing about even how they got online! My prediction is that several
    machines are going to get compromised due to this.
    
    Thanks for reporting it, but to release an exploit with no patches simply
    is a "Black Hat" mentality.
    
    teli
    ~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~
    "When you sit with a nice girl for two hours, it seems like two minutes.
    When you sit on a hot stove for two minutes, it seems like two hours, that's
    relativity." -- Albert Einstein
    
    ----- Original Message -----
    From: "David Dorgan" <dat_private>
    To: <vuln-devat_private>
    Sent: Sunday, February 03, 2002 10:20 AM
    Subject: mIRC Buffer Overflow
    
    
    >
    > General Info
    > ------------
    > Researched by: James Martin
    > Full advisory: http://www.uuuppz.com/research/adv-001-mirc.htm
    > Exploit: Proof of concept code available at above URL.
    >
    > Product: mIRC
    > Website: http://www.mirc.com
    > Version: 5.91 and all prior versions (to the best of my knowledge).
    > Fix: A patch will be available soon from official mIRC sites.
    >      Please do not download from unofficial sites, as you may download
    >      a trojaned version.
    >
    > Type: Buffer Overrun
    > Risk: High
    >
    >
    > Summary
    > -------
    > A security vulnerability has been found in the popular IRC client mIRC.
    > The flaw allows a rogue/hacked IRC server to execute arbitrary code on
    > the victim's machine, allowing the attacker to gain full control of the
    > victim's computer. This bug affects all versions of mIRC up to and
    > including version 5.91.
    >
    > An error exists in mIRC's handling of certain messages from the server,
    > making it possible to overflow a static buffer. With carefully constructed
    > messages, arbitrary code can be executed.
    >
    > The flaw must be exploited by a rogue server; however, it is possible to
    > cause a user to unknowingly connect to a server. If a webpage is viewed
    > in Internet Explorer which contains specific code, mIRC will attempt to
    > connect to a server, sometimes without prompting the user for
    > confirmation.
    >
    >
    >
    > ----- End forwarded message -----
    >
    > --
    > "They laughed at me when I said I wanted to become a stand-up
    >           comedian. They're not laughing now."
    >
    >
    


