[Full-Disclosure] xchat 2.0.6 crashes with mirc 6.0-6.11 DCC exploit

From: Stefan Hecker (s.hecker_at_stud.uni-goettingen.de)
Date: 12/12/03

  • Next message: Bill Royds: "RE: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerabi lity"
    To: <full-disclosure@lists.netsys.com>
    Date: Fri, 12 Dec 2003 00:50:56 +0100 (CET)
    
    

    xchat 2.0.6 crashes with mirc 6.0-6.11 DCC exploit
    the machine on which xchat crashed
    Linux 2.4.23
    xchat 2.0.6

    the machine who did the exploit
    mirc 6.12
    Windows XP

    ---
    what happend:
    i starded xchat 2.0.6 on my linux machine and, just for
    fun, tried to exploit it via mirc.
    if you are not familiar with that: mIRC 6.11 and ealier
    6.x crashed on a malformated dcc request. 6.12 fixed that.
    oh wonder! xchat closed!!!!
    * Quits: <xchat_linux_nick>(who@cares) (Client exited)
    (msg in my mirc)
    downgraded to 2.0.5 and tried again
    --- DCC RECV connect attempt to <mynick> failed
    (err=Invalid argument).
    this was reproduced on a FreeBSD machine with xchat 2.0.6
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: Bill Royds: "RE: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerabi lity"