Trillian remote crashable

2005-10-04T00:00:00
ID SECURITYVULNS:DOC:9854
Type securityvulns
Reporter Securityvulns
Modified 2005-10-04T00:00:00

Description

Hi!

I am using LICQ and when I want to establish a direct connection to Trillian using the ICQ protocol and a reverse connection is requested, Trillian crashes reproducable:

08:12:36: [TCP] Sending message to xxx (#1). 08:12:36: [PKT] Packet (SRVv0, 38 bytes) sent: (192.168.0.10:46810 -> 64.12.24.112:5190) 0000: 2A 02 06 A6 00 20 00 04 00 14 00 00 00 00 00 1F ..¦. .......... 0010: 00 00 00 00 00 00 00 00 00 01 09 31 32 30 36 38 ...........12068 0020: 31 35 34 35 00 00 1545.. 08:12:36: [TCP] Requesting reverse connection from xxx. 08:12:36: [PKT] Packet (SRVv0, 107 bytes) sent: (192.168.0.10:46810 -> 64.12.24.112:5190) 0000: 2A 02 06 A7 00 65 00 04 00 06 00 00 00 00 00 20 ..§.e......... 0010: 00 00 00 00 00 00 00 20 00 02 09 31 32 30 36 38 ....... ...12068 0020: 31 35 34 35 00 05 00 43 00 00 00 00 00 00 00 00 1545...C........ 0030: 00 20 09 46 13 44 4C 7F 11 D1 82 22 44 45 53 54 . .F.DL..С."DEST 0040: 00 00 00 0A 00 02 00 01 00 0F 00 00 27 11 00 1B ............'... 0050: 8B 7F 2A 00 3E B2 2D CF A0 0F 00 00 04 0A 04 00 ...>І-П ....... 0060: 00 A0 0F 00 00 08 00 20 00 00 00 . ..... ... 08:12:48: [PKT] Packet (SRVv0, 40 bytes) received: (192.168.0.10:46810 <- 64.12.24.112:5190) 0000: 2A 02 53 BF 00 22 00 03 00 0C 00 00 8C F4 C9 18 .Sї.".......фЙ. 0010: 09 31 32 30 36 38 31 35 34 35 00 00 00 02 00 01 .120681545...... 0020: 00 02 00 00 00 1D 00 00 ........ 08:12:48: [SRV] xxx went offline.

Seems that Trillian is having a problem with these reverse direct connections. I tested it recently with the latest Trillian 3.0.

The crash was firstly reported to Cerulan Studios in their Bug Forum in January: http://ceruleanstudios.com/forums/showthread.php?s=84987af3601384b1dc7ea1f36b237c9c&threadid=64889

Thanks Philipp Kolmann

PS: Please Cc me, since I am not subscribed on the list.