Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

silc-server 1.0.2 denial-of-service vulnerability
From: Alexander Heidenreich <a.heidenreich () blacksec de>
Date: Tue, 6 Mar 2007 18:48:08 +0100

Hi,

there is a bug in the current version of silc-server that makes it
possible to crash a networks SILC router or a standalone server, when a
new channel is created. All it takes is to specify an invalid hmac
algorithm name and no cipher algorithm name. This results in an null
pointer dereference in 'SILC_SERVER_CMD_FUNC(join)' at line 2444 in
apps/silcd/command.c.

To reproduce:

/connect yourserver
/join nonexistent -hmac nonexistent

The attached patch fixes the problem.

Best regards,
Frank Benkstein

-- 
GPG (Mail): 7093 7A43 CC40 463A 5564  599B 88F6 D625 BE63 866F
GPG (XMPP): 2243 DBBA F234 7C5A 6D71  3983 9F28 4D03 7110 6D51

Attachment: silc-join-hmac.patch
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • silc-server 1.0.2 denial-of-service vulnerability Alexander Heidenreich (Mar 06)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]