Re: mIRC Buffer Overflow

[eSDee <witkuifkakkatoe () hotmail com>]

In-Reply-To: <20020203200648.D29404 () ksu edu>

> Received: (qmail 26091 invoked from network); 4 
Feb 2002 03:28:24 -0000
> Received: from outgoing2.securityfocus.com 
(HELO outgoing.securityfocus.com) (66.38.151.26)
>  by mail.securityfocus.com with SMTP; 4 Feb 2002 
03:28:24 -0000
> Received: from lists.securityfocus.com 
(lists.securityfocus.com [66.38.151.19])
>       by outgoing.securityfocus.com (Postfix) 
with QMQP
>       id B27238F290; Sun,  3 Feb 2002 19:57:53 -
0700 (MST)
> Mailing-List: contact vuln-dev-
help () securityfocus com; run by ezmlm
> Precedence: bulk
> List-Id: <vuln-dev.list-id.securityfocus.com>
> List-Post: <mailto:vuln-dev () securityfocus com>
> List-Help: <mailto:vuln-dev-
help () securityfocus com>
> List-Unsubscribe: <mailto:vuln-dev-
unsubscribe () securityfocus com>
> List-Subscribe: <mailto:vuln-dev-
subscribe () securityfocus com>
> Delivered-To: mailing list vuln-
dev () securityfocus com
> Delivered-To: moderator for vuln-
dev () securityfocus com
> Received: (qmail 16036 invoked from network); 4 
Feb 2002 02:05:46 -0000
> Date: Sun, 3 Feb 2002 20:06:48 -0600
> From: Jose

well, i published the 001 bug a long time ago on the 
bugreport forum of mirc. I thought first that it was not 
exploitble.

http://trout.snt.utwente.nl:82/showflat.pl?
Cat=&Board=bugreports&Number=34363&page=26&
view=collapsed&sb=5&o=186&fpart=

posted on 02/11/01, since then about 92 views, but 
no reply.
The bug is fixed in mirc 6.0, so i don't know why 
everybody is talking about "no patch".

Greets,
eSDee