Trillian IRC Component IDENT Server Remote Overflow DoS

2002-09-14T22:39:49
ID OSVDB:10794
Type osvdb
Reporter Jose Nazario(jose@monkey.org), Lance Fitz-Herbert(fitzies@hotmail.com)
Modified 2002-09-14T22:39:49

Description

Vulnerability Description

A remote overflow exists in Trillian. Trillian fails to validate the length of a data block from an IDENT server resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service or the execution of arbitrary code resulting in a loss of integrity, and/or availability.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): Disable the Ident server

Short Description

A remote overflow exists in Trillian. Trillian fails to validate the length of a data block from an IDENT server resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service or the execution of arbitrary code resulting in a loss of integrity, and/or availability.

Manual Testing Notes

Sending 418+ bytes to the Identd server (TCP 113) can cause the Trillian client to crash

References:

Vendor URL: http://ceruleanstudios.com/ Security Tracker: 1005236 Mail List Post: http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0139.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-09/0224.html Keyword: TCP 113 ISS X-Force ID: 10118 CVE-2002-1486 Bugtraq ID: 5733