Zed
Rogue Chimp
ALL,
The following was jsut announced regarding Trillian - Several dangerous vulnerabiltiies exist which could lead to compromise of systems (Remember -with things like IM proggies you have allowed them to access the network through your firewalls so you are NOT protected against these attacks...) - its worth noting if you dont use IRC functionality you should be okay(ish)
Vulnerable systems:
* Trillian version 0.74 and prior
PRIVMSG overflow:
An overflow exists in the way Trillian processes 'PRIVMSG' commands from
the IRC server. If the nickname of the sender is larger than 206 bytes,
Trillian will crash and overwrite registers.
JOIN overflow:
An overflow exists in the way Trillian processes 'JOIN' commands from the
IRC server. If Trillian joins a channel that is larger than 206 bytes,
Trillian will crash and overwrite registers.
Multiple Raw flaws:
There seems to be a flaw in the way Trillian processes some IRC Raw
Messages, the following RAW messages crash Trillian:
206, 211, 213, 214, 215, 217, 218, 243, 302, 317, 324, 332, 333, 352, 367
The server sends the RAW commands in the following format: ':Server
<Num>', where <Num> being the one of the raw codes listed above.
Part flaw:
If Trillian receives a message about a user parting a channel it itself is
not in, or if no channel is specified at all, Trillian will crash.
Part Messages are sent in the form: ":nick!ident@address PART <Channel>"
Data buffering flaw:
There appears to be a flaw in the way Trillian buffers data from the IRC
server. If Trillian receives a block of data over 4095 bytes, Trillian
will crash.
The following was jsut announced regarding Trillian - Several dangerous vulnerabiltiies exist which could lead to compromise of systems (Remember -with things like IM proggies you have allowed them to access the network through your firewalls so you are NOT protected against these attacks...) - its worth noting if you dont use IRC functionality you should be okay(ish)
Vulnerable systems:
* Trillian version 0.74 and prior
PRIVMSG overflow:
An overflow exists in the way Trillian processes 'PRIVMSG' commands from
the IRC server. If the nickname of the sender is larger than 206 bytes,
Trillian will crash and overwrite registers.
JOIN overflow:
An overflow exists in the way Trillian processes 'JOIN' commands from the
IRC server. If Trillian joins a channel that is larger than 206 bytes,
Trillian will crash and overwrite registers.
Multiple Raw flaws:
There seems to be a flaw in the way Trillian processes some IRC Raw
Messages, the following RAW messages crash Trillian:
206, 211, 213, 214, 215, 217, 218, 243, 302, 317, 324, 332, 333, 352, 367
The server sends the RAW commands in the following format: ':Server
<Num>', where <Num> being the one of the raw codes listed above.
Part flaw:
If Trillian receives a message about a user parting a channel it itself is
not in, or if no channel is specified at all, Trillian will crash.
Part Messages are sent in the form: ":nick!ident@address PART <Channel>"
Data buffering flaw:
There appears to be a flaw in the way Trillian buffers data from the IRC
server. If Trillian receives a block of data over 4095 bytes, Trillian
will crash.
