Secure Network Messenger versions 1.4.2 and below suffer from a remote denial of service vulnerability.
b377941d0d36b5ed895485dbb5fd65db7ff06a1742ee0d1054119a629f139007
#######################################################################
Luigi Auriemma
Application: Secure Network Messenger
https://www.networkmessengers.com/msg/
Versions: <= 1.4.2
Platforms: Windows
Bug: crash
Exploitation: remote
Date: 12 November 2004
Author: Luigi Auriemma
e-mail: aluigi@altervista.org
web: https://aluigi.altervista.org
#######################################################################
1) Introduction
2) Bug
3) The Code
4) Fix
#######################################################################
===============
1) Introduction
===============
Secure Network Messenger is a LAN messenger for Windows for exchanging
encrypted messages and files.
#######################################################################
======
2) Bug
======
Is possible to crash the program sending malformed data.
#######################################################################
===========
3) The Code
===========
Launch a telnet client and connect to the victim host on port 6144.
Now press RETURN about 10 times or more.
Disconnect, reconnect again and press RETURN.
The remote host should be crashed.
#######################################################################
======
4) Fix
======
No fix.
Over one month ago the developers said that they had to fix this bug
soon... no patch has been released yet.
#######################################################################
---
Luigi Auriemma
https://aluigi.altervista.org
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed