
mIRC < 6.0 Long Nickname Buffer Overflow

High

Synopsis

The remote host is running a version of mIRC that is vulnerable to a buffer overflow attack.

Description

This issue is due to improper bounds checking of nicknames sent by the server. An excessively long nickname (200+) is capable of overwriting the stack. This issue is also exploitable via a webpage that can instruct the client to launch and to make a connection to the malicious web server. This may lead to full compromise of the host running the client software on some Windows systems.
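The bounds check this description says is missing, sketched as an added example in C (not mIRC's code and not part of the original advisory). The function name, the NICK_MAX limit and the sample lines are assumptions made for illustration; the nickname is taken from the standard IRC message prefix ":nick!user@host".

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NICK_MAX 30   /* assumed client-side limit, not mIRC's actual value */

/* Extract the nickname from the prefix of one IRC line
 * (":nick!user@host COMMAND ...") into out[out_size].
 * Returns 0 on success, -1 if the line has no prefix or the nickname
 * does not fit. The length is measured and checked before any byte is
 * copied, so an over-long nickname is rejected instead of truncated
 * or written past the end of the buffer. */
int extract_nick(const char *line, char *out, size_t out_size)
{
    if (line == NULL || out == NULL || out_size == 0)
        return -1;
    out[0] = '\0';
    if (line[0] != ':')
        return -1;

    const char *start = line + 1;
    size_t len = strcspn(start, "!@ \r\n");   /* nickname ends here */

    if (len == 0 || len > NICK_MAX || len >= out_size)
        return -1;

    memcpy(out, start, len);
    out[len] = '\0';
    return 0;
}

int main(void)
{
    char nick[NICK_MAX + 1];
    char long_line[300];

    /* Constructed sample: an ordinary server line. */
    const char *ok = ":alice!user@example.test NICK :alice2\r\n";

    /* Constructed sample: a nickname longer than the 200 the advisory cites. */
    long_line[0] = ':';
    memset(long_line + 1, 'A', 250);
    strcpy(long_line + 251, "!user@example.test NICK :x\r\n");

    printf("ordinary line: %d (%s)\n", extract_nick(ok, nick, sizeof nick), nick);
    printf("long nickname: %d\n", extract_nick(long_line, nick, sizeof nick));
    return 0;
}
```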

Solution

Upgrade to version 6.0 or higher.