MSN Messenger Malformed Invite Request Remote DoS
Medium Nessus Network Monitor Plugin ID 1267
SynopsisThe remote host is vulnerable to a Denial of Service (DoS) attack
DescriptionThe remote host is running Microsoft MSN Messenger. Certain versions of MSN messenger are vulnerable to a Denial of Service attack. Specifically, a message received with a malformed invite request containing HTML-encoded space characters (%20) in the Invitation-Cookie field may cause an MSN client to crash. A remote attacker may use this vulnerability to create a Denial of Service attack.
SolutionUpgrade to the latest version of MSN Messenger.