CVE-2006-6811 – KsIRC 1.3.12 - 'PRIVMSG' Remote Buffer Overflow (PoC)

https://notcve.org/view.php?id=CVE-2006-6811

KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a buffer overflow. KsIRC 1.3.12 permite a atacantes remotos provocar una denegación de servicio (caída) mediante una cadena PRIVMSG larga cuando se conecta a un servidor retransmisor de Chat de Internet(IRC), lo que provoca que falle una aserción y se produzca una referencia a puntero NULL. NOTA: esta vulnerabilidad se documentó originalmente como un desbordamiento de búfer . • https://www.exploit-db.com/exploits/3023 http://osvdb.org/33443 http://security.gentoo.org/glsa/glsa-200701-26.xml http://securitytracker.com/id?1017453 http://www.addict3d.org/index.php?page=viewarticle&trace=0&type=security&ID=8468 http://www.kde.org/info/security/advisory-20070109-1.txt http://www.mandriva.com/security/advisories?name=MDKSA-2007:009 http://www.securityfocus.com/archive/1/456379/100/0/threaded http://www.securityfocus.com/bid/21790 http://www.ubuntu • CWE-617: Reachable Assertion •