# Trillian MSN Module Buffer Overflow Vulnerability (Moderately critical)



## jgvernonco (Sep 13, 2003)

Trillian MSN Module Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA12487

VERIFY ADVISORY:
http://secunia.com/advisories/12487/

CRITICAL:
Moderately critical

IMPACT:
System access

WHERE:
From remote

SOFTWARE:
Trillian 0.x
http://secunia.com/product/256/

DESCRIPTION:
Komrade has reported a vulnerability in Trillian, which can be
exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within the MSN
module. This can be exploited to cause a buffer overflow by passing
an overly long string (about 4096 bytes) from an MSN messenger
server.

Successful exploitation requires that a malicious person either
intercepts and manipulates traffic sent from an MSN messenger server
to the user or gets the user's Trillian to connect to a malicious MSN
messenger server.

The vulnerability has been reported in version 0.74i. Other versions
may also be affected.

SOLUTION:
Don't use the MSN Messenger functionality in the product.

PROVIDED AND/OR DISCOVERED BY:
Komrade

ORIGINAL ADVISORY:
http://unsecure.altervista.org/security/trillian.htm



