Colloquy INVITE Request Remote Format String Vulnerability
BID:22086
Info
| Bugtraq ID: | 22086 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 16 2007 12:00AM |
| Updated: | Jan 18 2007 12:00AM |
| Credit: | LMH <[email protected]> is credited with the discovery of this vulnerability. |
| Vulnerable: | Colloquy Colloquy 2.1 (3545) |
| Not Vulnerable: | Colloquy Colloquy 2.1 (3558) |
Discussion
Colloquy is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function.
Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the application and to compromise affected computers. A denial-of-service condition may arise as well.
Colloquy versions prior to 2.1 (3558) are vulnerable; other versions may also be affected.
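The bug class described above, shown in C as an added example (not Colloquy's code and not part of the original advisory; the function names and sample input are hypothetical). Remote data must be passed as an argument to a constant format string, never as the format itself.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout; this is not Colloquy's code.
 * `channel` stands for a field taken from a remote INVITE request. */

/* VULNERABLE: the remote string is the format argument, so any "%x" or
 * "%n" inside it is interpreted by snprintf. Compilers flag this call
 * with -Wformat-security. Kept only for comparison; never called here. */
int invite_notice_vulnerable(char *out, size_t outlen, const char *channel)
{
    return snprintf(out, outlen, channel);
}

/* HARDENED: constant format string; remote data is passed as an argument
 * and copied verbatim. Returns -1 on error or truncation. */
int invite_notice_safe(char *out, size_t outlen,
                       const char *nick, const char *channel)
{
    int n = snprintf(out, outlen, "%s invited you to %s", nick, channel);
    return (n < 0 || (size_t)n >= outlen) ? -1 : n;
}

/* Detection aid: count printf-style conversion directives in untrusted
 * text so a suspicious request can be logged. "%%" is a literal percent. */
size_t count_format_directives(const char *s)
{
    size_t count = 0;
    for (; *s != '\0'; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%')
            s++;            /* skip the escaped percent */
        else if (s[1] != '\0')
            count++;
    }
    return count;
}

int main(void)
{
    const char *channel = "#chat%x%x%n";   /* constructed sample input */
    char buf[128];
    if (invite_notice_safe(buf, sizeof buf, "alice", channel) < 0)
        return 1;
    printf("%s (directives seen: %zu)\n", buf, count_format_directives(channel));
    return 0;
}
```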
Exploit / POC
The following proof of concept is available:
Solution / Fix
Solution:
The vendor has released version 2.1 (3558) to address this issue.