A loophole in the application of Talagram allow an attacker to target victims’ computers




Security Officers researchers revealed the existence of a vulnerability in the application of Instant Messaging Talagram, which allow an attacker to send messages in bulk which disables users ‘ computers.

Talagram The application Instant messaging is similar to a popular application Watts August owned network Facebook, the company indicate the presence of more than 100 million monthly users of the application, along with the acquisition of approximately 350 thousand new users every day.

And limiting the application of Talagram text messages up to a certain typefaces, so as to prevent a malicious user from exploiting application, so should every message from one character or byte Byte comprises at least not more than 4096 distorted.

It indicates research published online to the possibility of circumventing these restrictions easily because of a bug allows the sender to control the size of messages and send messages to the future of a length of more than allowed.

He adds the research as on the assumption that each character ASCII ASCII is represented by a single byte Byte, an attacker can send long chains composed of many millions of characters to the victims or to send a blank message, similar to the user to download a large file without acceptance downloaded it.

Receiving long messages may cause the device to crash or stop functioning due to lack of memory, as can large quantities of customized to the user in the event of use of the mobile phone networks monthly data consumption.

The researchers demonstrated the health concept through deployment of a video showing the application to consume 256 MB out of 300 MB in a few minutes, after sending them higher than the permitted limit messages.

And it shows the great danger of the gap over the possibility of sending messages to people who are not in the buddy list, so an attacker can send messages exceeds the limit for anyone owns the application.


In: A Technology & Gadgets Asked By: [23616 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »