-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathTRAIN_00922.eml
69 lines (48 loc) · 2.63 KB
/
TRAIN_00922.eml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
NoneNonebuffer overflowsDidn't we just have a discussion on FoRK how hard
it is nowadays to write something that's not
buffer overflow protected?
http://news.zdnet.co.uk/story/0,,t269-s2121250,00.html
Location: http://news.zdnet.co.uk/story/0,,t269-s2121250,00.html
IM client vulnerable to attack
IM client vulnerable to attack
James Pearce, ZDNet Australia
Users of messenger client Trillian are vulnerable to attack, according to
information security analyst John Hennessy.
Hennessy has published a proof-of-concept showing the latest version of
Trillian, v0.73, is vulnerable to a buffer-overflow attack that will
allow individuals with malicious intent to run any program on the
computer.
Trillion is a piece of software that allows you to connect to ICQ, AOL
Instant Messenger, MSN Messenger, Yahoo! Messenger and IRC with a single
interface, despite some companies actively avoiding messenger
interoperability.
According to Jason Ross, senior analyst at amr interactive, in June 2002
there were 28,000 home users of Trillian in Australia, about 0.4 percent
of the Internet population, and 55,000 people using it at work, about 1.8
percent of the Internet population.
David Banes, regional manager of Symantec security response, told ZDNet
Australia the code appeared to be valid.
"With these sort of things you have to find some process that would
accept a connection, then throw loads of random data at it and get it to
crash," he said. "Once it's crashed, you can try to find a way to exploit
it."
He said the proof-of-concept that was published is designed to run on
Notepad, but could be easily modified to run any program on the system.
He said the problem was easy to fix by "writing protective code around
that particular piece to more closely validate the data around that
piece."
"Because people are pushed for productivity you tend to leave out the
checks and balances you should put in, which is why we have all these
buffer overflows and exploits out there now," said Banes.
Cerulean Studios, creator of Trillian, was contacted for comment but had
not responded by the time of publication.
------------------------------------------------------------------------
For all security-related news, including updates on the latest viruses,
hacking exploits and patches, check out ZDNet UK's Security News Section.
Have your say instantly, and see what others have said. Go to the
Security forum.
Let the editors know what you think in the Mailroom.
Copyright © 2002 CNET Networks, Inc. All Rights Reserved.
ZDNET is a registered service mark of CNET Networks, Inc. ZDNET Logo is a service mark of CNET NETWORKS,
Inc.
http://xent.com/mailman/listinfo/fork