• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

SILC Toolkit and SILC Client NICK_CHANGE Remote Buffer Overflow Vulnerability

SILC Toolkit and SILC Client are prone to a remote buffer-overflow vulnerability because they fail to perform adequate boundary checks on user-supplied input before copying it into an insufficiently sized memory buffer.

Successful exploits may allow remote attackers to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Versions prior to SILC Toolkit and SILC Client 1.1.2 are vulnerable to this issue.