Many scripts installed in mIRC versions below 6.03 allow remote compromise if they use the $asctime identifier, which formats Unix timestamps. Includes proof-of-concept code that causes mIRC to execute a command line on any supported OS. Most users have not yet upgraded.
7bbc56e28d283a43eccbc8e827589188437b85d0ee6f7ebe44afd3e5cf94b646
mIRC, the popular IRC chat client, supports a scripting language that has been found to be vulnerable. A buffer overflow exists in the $asctime identifier, caused by an error in the handling of oversized format specifier strings.
bad0f9793175f781bb0c8b0c508f6029e42a8d916ebd132418062048d3fa75bd
Proof-of-concept exploit for the buffer overflow vulnerability in the nick handling code of mIRC. This exploit works with mIRC version 5.91, which is the latest version affected by this vulnerability.
957bf70f6116314b5806d74de9c7b2cd9e687d65688b24535d1ea8dcad75616d
mIRC v5.91 and below have an exploitable bug that allows remote code execution. mIRC assumes that the client's current nickname, as sent by the server, is fewer than 100 characters long. It stores the current and alternative nicknames in a static array. Sending a nickname over 200 characters long allows overwriting a key variable, the index to the current nickname. Fix available here.
7be119c91ef0d3642fc205b923d39056b40a51bb3e468568211d9c3586fdc091