Yahoo! Messenger File Transfer Buffer Overrun Vul

Full Version: Yahoo! Messenger File Transfer Buffer Overrun Vul

GovernmentSecurity.org > The Archives > Exploit Articles

MindSmith

Jan 13 2004, 07:50 AM

Bugtraq id 9383
Object ft.dll
Class Boundary Condition Error
Cve CVE-MAP-NOMATCH
Remote Yes
Local No
Published Jan 08, 2004
Updated Jan 08, 2004
vulnerable

Not vulnerable Yahoo! Messenger 5.6 .0.1358
Yahoo! Messenger 5.6 .0.1356
Yahoo! Messenger 5.6 .0.1355

Info:
Yahoo! Messenger is vulnerable to a remotely exploitable buffer overrun issue. This vulnerability is due to insufficient bounds checking during user-initiated file transfer requests. A file with a name of excessive length may cause this issue.

Exploit:
The following proof-of-concept has been made available:

"test<insert around 210 spaces here>.jpg

Solution:
Vendor reports relayed through a third party indicate that versions later than 5.6.0 Build 1355 and later are not affected by this issue. The vendor has not directly confirmed this with Symantec

Source: http://www.securityfocus.com/bid/9383/info/

Credit:

Discovery credited to Tri Huynh.

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.