[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] buffer overflow in Indiatimes Messenger
- To: <full-disclosure@lists.netsys.com>
- Subject: [Full-Disclosure] buffer overflow in Indiatimes Messenger
- From: "Gaurav Kumar" <gaurav@e2-labs.com>
- Date: Thu, 7 Aug 2003 01:08:03 +0530
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
+-----------------------------------------------------------------+
+ Gaurav Kumar (gaurav@e2-labs.com)
+
+ presents
+
+ Buffer Overflow In Indiatimes Messenger
+
+-----------------------------------------------------------------+
OVERVIEW
Indiatimes Messenger is a popular Instant Messenger that allows you
to
- -Instantly connect to Indiatimes, Yahoo, MSN, ICQ and AOL
- -Chat in 11 indian languages
- -Send SMS and many more.
Problem.
On entering a very large username (abt 1500 characters) the messenger
core executable MMCLIENT.EXE crashes.
Vulnerable Version
The latest version 4.0 is vulnerable.
Vendor Reponse
Vendor contacted. Still waiting for response.
------------------------------------------------------
Author: Gaurav Kumar (gaurav@e2-labs.com)
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Gaurav Kumar
Chief Information Security Analyst
E2 Labs Information Security Pvt. Ltd.
Road no. 3 , Banjara Hills
Hyderbad-34
AP
India
gaurav@e2-labs.com
www.e2-labs.com
PGP public key at-
http://mycgiserver.com/~ethicalhackers/pgp.txt
Phone(s)-
Mobile +91 40 31068650
Tele/Fax +91 40 23555942 (ext-24)
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBPzFZGP7pOx+pP+hiEQKkZgCfRYzj/A4spzNFJSXzJTEOKjDvN6sAoPWj
pfzyXu3IT3GOif5MYcWZ15BI
=Si5o
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html