Bugtraq mailing list archives

Re: AOL for Windows DoS/Exploit

From: p00h () MONMOUTH COM (p00h)
Date: Mon, 1 Jun 1998 18:43:49 -0400


this is a very old bug, i believe that the term for it is "punting"
dunno though,
there are other bugs, ill elaborate on what you said
aol supports PARTIAL html, its like win95's implementation of tcp/ip
it only supports parts of it
there are several exploits for this, rather then include source, which
would be useless for something that only requires 1 line to be typed, i will explain how

to crash through instant messeges, send an instant message with the following text
"<a1><pre><a1><a1>"
you can send a few of these, this will freeze aol, causing either a gpf, or reboot,
this is because aol is recieving html, which it recognizes, but cannot decide what to do with it

to crash through mail, simply send a letter filled with
"<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<"
this crashes aol, it does this because of the way aol handles html
imagine that each < is a for loop, so every time there is a new <, thats another nested
for loop, this jumps cpu utilization to 100% i believe

-p00h



Invisi wrote:

Well.. I thought this was something that some of you might get a kick
out of... as well as informative.  I also havent seen this on any other
sites.  here's the stuff...

Tested on: AOL3.0 16-bit Windows, AOL3.0 32-bit Windows, AOL4.0 Windows

Problem:
AOL's Instant message's uses HTML.  This enables there customers to
change font sizes, colors, backgrounds, to suite there tastes.  Well
here is where the bug comes into play.
All you simply have to do is send someone who is useing a AOL version,
that uses the <font> tagg, a instant message of
<font =
9999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999>
A AOL instant message has to be below a certain character size that can
fit in one message.  This goes beyond the valid size, as well as being a
invalid parameter for <font>.  It will cause your AOL software to freak
out, and a GPF will occur.  If your able to stick more 9's in there,
then please do.

Fix:
Convert back to a older version of AOL for Windows, like 2.5 or before.
Or, simply reject any Instant Messages by useing the $IM_OFF command.
Since Instant Messages are a big part of AOL, most people keep there
Instant Messages turned on.

- Invisible

Current thread:

AOL for Windows DoS/Exploit Invisi (Jun 01)
- <Possible follow-ups>
- Re: AOL for Windows DoS/Exploit p00h (Jun 01)