Full Disclosure mailing list archives

Re: Gadu-Gadu, another two bugs


From: lazy () server gwsh gda pl
Date: Mon, 20 Dec 2004 14:09:45 +0100

On Fri, Dec 17, 2004 at 11:23:38AM +0100, Jaroslaw Sajko wrote:
Product:      Gadu-Gadu, build 155 and older
Vendor:       SMS-EXPRESS.COM (http://www.gadu-gadu.pl)
Impact:       Script execution in local zone,
              Remote DoS
Severity:     High
Authors:      Blazej Miga <bla () man poznan pl>,
              Jaroslaw Sajko <sloik () man poznan pl>
Date:         17/12/04
...
[DETAILS]

Bug 1.
Parsing error. We can send a malicious string which has a URL inside.
This URL can be, for example, JavaScript code or a reference to such code.
The code will execute when the window with the message pops up. The code executes
in the LOCAL ZONE! This also works with older versions.

Example:

Send such a string to any recipient:
www.po"style=background-image:url(javascript:document.write('%3cscript%3ealert%28%22you%20are%20owned!%22%29%3c%2fscript%3e'));".pl

tlen.pl, another Polish IM, was also vulnerable to Bug 1.
They fixed it in 5.23.4.2 and (as I was told) they now block it on the servers, but you can check it
locally on your own client.

__
Regards,
Michal Grzedzicki

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
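The bug described above is a classic linkifier mistake: the client finds something that looks like a URL in an incoming message and wraps it in HTML without escaping, so a `"` in the message closes the `href` attribute and the rest of the text becomes an injected `style=` attribute with a `javascript:` URL. The following is an added illustration, not code from Gadu-Gadu or from the advisory: a naive linkifier of that shape next to a hardened one that escapes the whole message first and only links hostname-like tokens. The message string is constructed to mirror the payload shape from the advisory, with a harmless `alert(1)`; function names are my own.

```javascript
// Constructed sample message in the shape of the advisory's payload (harmless alert).
const SAMPLE_MSG = 'www.po"style=background-image:url(javascript:alert(1));".pl';

// Naive linkifier (hypothetical, modelled on the bug): wraps any "www." token in <a>
// without escaping, so a quote in the message terminates href and injects attributes.
function naiveLinkify(text) {
  return text.replace(/www\.\S+/g, (m) => `<a href="http://${m}">${m}</a>`);
}

// Escape the five HTML-significant characters so no raw markup survives in the message.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened linkifier: escape first, then link only tokens made of hostname/path
// characters. Entities such as &quot; start with '&', which the token class
// rejects, so attacker-controlled punctuation never reaches an attribute.
function safeLinkify(text) {
  const escaped = escapeHtml(text);
  return escaped.replace(
    /www\.[A-Za-z0-9.\-]+(?:\/[A-Za-z0-9._~\-\/?=%]*)?/g,
    (m) => `<a href="http://${m}">${m}</a>`
  );
}

// Detection helper for the rendered HTML: does any tag carry a javascript: URL?
function tagContainsScriptUrl(html) {
  return /<[^>]*javascript:/i.test(html);
}

// Stand-alone demonstration.
console.log('naive :', naiveLinkify(SAMPLE_MSG), tagContainsScriptUrl(naiveLinkify(SAMPLE_MSG)));
console.log('safe  :', safeLinkify(SAMPLE_MSG), tagContainsScriptUrl(safeLinkify(SAMPLE_MSG)));
```

The order matters: escaping after linkifying would also encode the `<a>` tags the client itself generated, while escaping before linkifying means the only markup in the output is what the client produced from an allowlisted token. Rendering untrusted chat content in a browser control that runs in the local zone makes every such slip a local code-execution issue rather than an ordinary web XSS, which is why the advisory rates it High.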

