mIRC PRIVMSG Handling Remote Buffer Overflow

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

The remote host contains a chat client that is affected by a buffer
overflow vulnerability.

Description :

The version of mIRC installed on the remote host is earlier than 6.35
and thus reportedly prone to a buffer overflow attack that can be
triggered by a long hostname in a PRIVMSG message. If an attacker can
trick a user into connecting to a malicious IRC server (perhaps via
JavaScript in an HTML document), this issue could be leveraged to
execute arbitrary code on the remote host subject to the user's
privileges.
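The condition described above can be checked on the network side. The following is an added example, not part of the Nessus plugin or of mIRC: it inspects server-to-client IRC lines and flags any PRIVMSG whose prefix host exceeds the RFC 2812 hostname limit. The advisory does not state the length that triggers the overflow, so using the RFC limits as thresholds is an assumption; the function names and sample traffic are constructed.

```python
# Added example: flag PRIVMSG lines whose sender host is longer than IRC allows.
# Assumption: RFC 2812 limits are used as thresholds (63 characters per
# hostname, 512 bytes per message including CRLF); the advisory gives no length.
MAX_HOST_LEN = 63
MAX_LINE_LEN = 512

# Constructed sample traffic: line 2 carries an oversized host in its prefix.
SAMPLE = (
    b":alice!al@host.example.org PRIVMSG #chan :hello\r\n"
    b":bob!b@" + b"a" * 200 + b".example PRIVMSG carol :hi\r\n"
    b":irc.example.net NOTICE * :welcome\r\n"
)


def parse_prefix(line: bytes):
    """Return (prefix, COMMAND) for ':prefix COMMAND ...', else (None, None)."""
    if not line.startswith(b":"):
        return None, None
    parts = line[1:].split(None, 2)
    if len(parts) < 2:
        return None, None
    return parts[0], parts[1].upper()


def inspect_line(raw: bytes):
    """Return the list of findings for one server-to-client IRC line."""
    findings = []
    if len(raw) > MAX_LINE_LEN:
        findings.append(f"line is {len(raw)} bytes (limit {MAX_LINE_LEN})")
    prefix, command = parse_prefix(raw.rstrip(b"\r\n"))
    if command == b"PRIVMSG":
        # The host follows the last '@'; a prefix without '@' is measured whole.
        host = prefix.rpartition(b"@")[2]
        if len(host) > MAX_HOST_LEN:
            findings.append(
                f"PRIVMSG host is {len(host)} bytes (limit {MAX_HOST_LEN})")
    return findings


def scan(stream: bytes):
    """Return [(line_number, findings)] for every line with a finding."""
    hits = []
    for number, raw in enumerate(stream.splitlines(keepends=True), start=1):
        found = inspect_line(raw)
        if found:
            hits.append((number, found))
    return hits
```
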

See also :

http://www.mirc.com/news.html

Solution :

Upgrade to mIRC 6.35 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.4
(CVSS2#E:POC/RL:U/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 34471

Bugtraq ID: 31552

CVE ID: CVE-2008-4449
