mIRC < 6.0 Long Nickname Buffer Overflow

High

Synopsis

The remote host is running a version of mIRC that is vulnerable to a buffer overflow attack.

Description

This issue is due to improper bounds checking of nicknames sent by the server. An excessively long nickname (200+) can overwrite the stack. The issue is also exploitable via a webpage that can instruct the client to launch and connect to the malicious web server. This may lead to full compromise of the host running the client software on some Windows systems.

Solution

Upgrade to version 6.0 or higher.