Many scripts installed in mIRC below version 6.03 allow remote compromise if they use the $asctime identifier, which is used to format unix time stamps. Includes proof of concept code which causes mIRC to execute a command line on any supported OS. Most users have not yet upgraded.
59dd94fbd0009f547687ef2391fae6acmIRC, the popular chat client for the IRC has support for a scripting language that has been found to be vulnerable. A buffer overflow exists in the $asctime identifier where an error lies in the handling of oversized format specifier strings.
fbe9bc40fafa8162c63e4dfa0ea4ca8fProof of concept exploit for the buffer overflow vulnerability that exists in the nick handling code of mIRC. This exploit works with mIRC version 5.91 which is the latest version that is affected by this vulnerability.
24ac961a3373f30a0eaaf130480bd8afmIRC v5.91 and below has an exploitable bug which allows remote code execution. mIRC assumes the current nickname of the client as sent by the server is fewer than 100 characters long. mIRC stores the current and alternative nickname as a static array. Sending a nickname over 200 characters long allows overwriting of a key variable, the index to the current nickname. Fix available here.
220ff5c84194f4e99ad9decf00d4e724
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed