Trillian remote crashable

2005.10.04
Risk: Medium
Local: No
Remote: Yes
CWE: N/A


CVSS Base Score: 5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Partial

Hi! I am using LICQ and when I want to establish a direct connection to Trillian using the ICQ protocol and a reverse connection is requested, Trillian crashes reproducable: 08:12:36: [TCP] Sending message to xxx (#1). 08:12:36: [PKT] Packet (SRVv0, 38 bytes) sent: (192.168.0.10:46810 -> 64.12.24.112:5190) 0000: 2A 02 06 A6 00 20 00 04 00 14 00 00 00 00 00 1F *..?. .......... 0010: 00 00 00 00 00 00 00 00 00 01 09 31 32 30 36 38 ...........12068 0020: 31 35 34 35 00 00 1545.. 08:12:36: [TCP] Requesting reverse connection from xxx. 08:12:36: [PKT] Packet (SRVv0, 107 bytes) sent: (192.168.0.10:46810 -> 64.12.24.112:5190) 0000: 2A 02 06 A7 00 65 00 04 00 06 00 00 00 00 00 20 *...e......... 0010: 00 00 00 00 00 00 00 20 00 02 09 31 32 30 36 38 ....... ...12068 0020: 31 35 34 35 00 05 00 43 00 00 00 00 00 00 00 00 1545...C........ 0030: 00 20 09 46 13 44 4C 7F 11 D1 82 22 44 45 53 54 . .F.DL..?."DEST 0040: 00 00 00 0A 00 02 00 01 00 0F 00 00 27 11 00 1B ............'... 0050: 8B 7F 2A 00 3E B2 2D CF A0 0F 00 00 04 0A 04 00 ..*.>?-? ....... 0060: 00 A0 0F 00 00 08 00 20 00 00 00 . ..... ... 08:12:48: [PKT] Packet (SRVv0, 40 bytes) received: (192.168.0.10:46810 <- 64.12.24.112:5190) 0000: 2A 02 53 BF 00 22 00 03 00 0C 00 00 8C F4 C9 18 *.S?."........ 0010: 09 31 32 30 36 38 31 35 34 35 00 00 00 02 00 01 .120681545...... 0020: 00 02 00 00 00 1D 00 00 ........ 08:12:48: [SRV] xxx went offline. Seems that Trillian is having a problem with these reverse direct connections. I tested it recently with the latest Trillian 3.0. The crash was firstly reported to Cerulan Studios in their Bug Forum in January: http://ceruleanstudios.com/forums/showthread.php?s=84987af3601384b1dc7ea 1f36b237c9c&threadid=64889 Thanks Philipp Kolmann PS: Please Cc me, since I am not subscribed on the list.


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top