Vulnerabilities > CVE-2002-1486 - Unspecified vulnerability in Cerulean Studios Trillian 0.725/0.73/0.74
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN cerulean-studios
exploit available
Summary
Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service and possibly execute arbitrary code via (1) a large response from the server, (2) a JOIN with a long channel name, (3) a long "raw 221" message, (4) a PRIVMSG with a long nickname, or (5) a long response from an IDENT server.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
description Trillian 0.6351/0.7x Identd Buffer Overflow Vulnerability. CVE-2002-1486. Remote exploit for windows platform id EDB-ID:21804 last seen 2016-02-02 modified 2002-09-18 published 2002-09-18 reporter Lance Fitz-Herbert source https://www.exploit-db.com/download/21804/ title Trillian 0.6351/0.7x Identd Buffer Overflow Vulnerability description Trillian 0.73/0.74 IRC JOIN Buffer Overflow Vulnerability. CVE-2002-1486. Dos exploit for windows platform id EDB-ID:21813 last seen 2016-02-02 modified 2002-09-20 published 2002-09-20 reporter Lance Fitz-Herbert source https://www.exploit-db.com/download/21813/ title Trillian 0.73/0.74 IRC JOIN Buffer Overflow Vulnerability description Trillian 0.725/0.73/0.74 IRC User Mode Numeric Remote Buffer Overflow Vulnerability. CVE-2002-1486. Dos exploit for windows platform id EDB-ID:21816 last seen 2016-02-02 modified 2002-09-21 published 2002-09-21 reporter Lance Fitz-Herbert source https://www.exploit-db.com/download/21816/ title Trillian 0.725/0.73/0.74 IRC User Mode Numeric Remote Buffer Overflow Vulnerability description Trillian 0.73/0.74 IRC PRIVMSG Buffer Overflow Vulnerability. CVE-2002-1486. Remote exploit for windows platform id EDB-ID:21810 last seen 2016-02-02 modified 2002-09-19 published 2002-09-19 reporter Lance Fitz-Herbert source https://www.exploit-db.com/download/21810/ title Trillian 0.73/0.74 - IRC PRIVMSG Buffer Overflow Vulnerability description Trillian 0.74 IRC Oversized Data Block Buffer Overflow Vulnerability. CVE-2002-1486. Dos exploit for windows platform id EDB-ID:21823 last seen 2016-02-02 modified 2002-09-22 published 2002-09-22 reporter Lance Fitz-Herbert source https://www.exploit-db.com/download/21823/ title Trillian 0.74 IRC Oversized Data Block Buffer Overflow Vulnerability
References
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0258.html
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0258.html
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0266.html
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0266.html
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0268.html
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0268.html
- http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0139.html
- http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0139.html
- http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0140.html
- http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0140.html
- http://www.iss.net/security_center/static/10150.php
- http://www.iss.net/security_center/static/10150.php
- http://www.iss.net/security_center/static/10151.php
- http://www.iss.net/security_center/static/10151.php
- http://www.iss.net/security_center/static/10163.php
- http://www.iss.net/security_center/static/10163.php
- http://www.securityfocus.com/bid/5765
- http://www.securityfocus.com/bid/5765
- http://www.securityfocus.com/bid/5769
- http://www.securityfocus.com/bid/5769
- http://www.securityfocus.com/bid/5777
- http://www.securityfocus.com/bid/5777