GLSA-200903-26 : TMSNC: Execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200903-26 TMSNC: Execution of arbitrary code Nico Golde reported a stack-based buffer overflow when processing a MSN packet with a UBX command containing a large UBX payload length field. Impact : A remote attacker could send a...

Gentoo Security Advisory GLSA 200903-26 (tmsnc)

The remote host is missing updates announced in advisory GLSA 200903-26. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200903-26 (tmsnc)

The remote host is missing updates announced in advisory GLSA 200903-26. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

TMSNC: Execution of arbitrary code

Background TMSNC is a Textbased client for the MSN instant messaging protocol. Description Nico Golde reported a stack-based buffer overflow when processing a MSN packet with a UBX command containing a large UBX payload length field. Impact A remote attacker could send a specially crafted message...

TMSNC UBX消息远程栈溢出漏洞

BUGTRAQ ID: 29850 CVECAN ID: CVE-2008-2828 TMSNC是用C编写的基于文本的MSN客户端。 TMSNC在处理畸形结构的消息数据时存在漏洞，如果远程攻击者向TMSNC发送了畸形的UBX消息消息的话，就可能触发缓冲区溢出，导致执行任意指令。 UBX是类似于UUX的MSN协议，用于通知好友所发生的变化。UBX协议命令的第一个参数为更改了个人消息或当前正在播放歌曲的联络人的护照地址，第二个参数为负载的长度，句法如下： UBX [email protected] xxx\r\n DataPSMMy Personal...

CVE-2008-2828

Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an MSN packet with a UBX command containing a large UBX payload length field...

CVE-2008-2828

Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an MSN packet with a UBX command containing a large UBX payload length field...

Stack overflow

Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an MSN packet with a UBX command containing a large UBX payload length field...

CVE-2008-2828

Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an MSN packet with a UBX command containing a large UBX payload length field...

CVE-2008-2828

Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an MSN packet with a UBX command containing a large UBX payload length field...

CVE-2008-2828

CVE-2008-2828 describes a stack-based buffer overflow in tmsnc’s UBX payload handling. A crafted MSN UBX packet with a large payload length can trigger a overflow in core_net.c, potentially allowing remote code execution or crash (DoS). The vulnerability is triggered when UBX payload length excee...

CVE-2005-4817

The CVE-2005-4817 issue affects Textbased MSN Client (TMSNC) up to version before 0.2.5. It is a format-string vulnerability in ui.c that allows an attacker to cause a denial of service and possibly execute arbitrary code via injection into the wprintw function. Exploitation details are not provi...

CVE-2005-4817

Format string vulnerability in ui.c in Textbased MSN Client TMSNC before 0.2.5 allows attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors that cause format strings to be injected into the wprintw function...

[SA16752] Textbased MSN Client (TMSNC) Format String Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...