Bugtraq mailing list archives
Re: ICQ Buffer Overflow Exploit
From: mattison () WEBOVISION COM (Dennis W. Mattison (Little Wolf))
Date: Wed, 12 Jan 2000 21:09:48 -0800
Two things: 1. I am not able to verify this vulnerability under Windows98, running ICQ 99b Beta 3.19 Build 2569. I tried sending excessively long URL's using the URL message send (I could not find a way of sending a URL during chat, other than typing it in the window, you might send out the instructions on how to do this) and was unable to buffer overflow the program. I'll keep trying, there might be something I am not doing right... 2. I do not agree with your fix, however. There is a much simpler fix available, go into the Preferences window, select the Events tab, select the URL setting on the "Select Event to Configure" combobox and then select "Auto Decline." This appears to shut down the http event. I've tried sending URL messages back and forth between two machines and was unable to receive them. I've turned all events off in ICQ, it is much easier to tell someone I am chatting with to look at a particular URL without using the URL message capability. -----Original Message----- From: Bugtraq List [mailto:BUGTRAQ () SECURITYFOCUS COM]On Behalf Of drew copley Sent: Tuesday, January 11, 2000 10:31 AM To: BUGTRAQ () SECURITYFOCUS COM Subject: ICQ Buffer Overflow Exploit Buffer Overflow in ICQ --Stuff Deleted-- --- Dennis W. Mattison (Little Wolf) (This message should be signed, please verify signature if you suspect fraud.) <HR NOSHADE> <UL> <LI>application/x-pkcs7-signature attachment: smime.p7s </UL>
Current thread:
- Password issue in Axent ESM 5.0.1 Console, (continued)
- Password issue in Axent ESM 5.0.1 Console Todd (Jan 12)
- Re: Password issue in Axent ESM 5.0.1 Console Scott Blake (Jan 14)
- Local / Remote D.o.S Attack in Super Mail Transfer Package (SMTP) Server for WinNT Version 1.9x Ussr Labs (Jan 13)
- Re: NIS2k Brad Griffin (Jan 13)
- Misleading sense of security in Netscape Craig Ruefenacht (Jan 13)
- Re: Misleading sense of security in Netscape Jefferson Ogata (Jan 18)
- New MySQL Available Scott (Jan 13)
- BindView Security Advisory: Local Promotion Vulnerability in Windows NT 4 BindView Security Advisory (Jan 13)
- Microsoft Security Bulletin (MS00-003) Microsoft Product Security (Jan 13)
- ICQ Buffer Overflow Exploit drew copley (Jan 11)
- Re: ICQ Buffer Overflow Exploit Dennis W. Mattison (Little Wolf) (Jan 12)
- Re: ICQ Buffer Overflow Exploit Michael DeSimone (Jan 13)
- Re: ICQ Buffer Overflow Exploit Tom Schumm (Jan 14)
- Re: ICQ Buffer Overflow Exploit Simon Steed (Jan 13)
- Anyone can take over virtually any domain on the net... Thomas Reinke (Jan 11)
- Re: Anyone can take over virtually any domain on the net... Jon Lewis (Jan 13)
- Re: Anyone can take over virtually any domain on the net... Jeffrey Paul (Jan 13)
- Re: Anyone can take over virtually any domain on the net... Chris Adams (Jan 13)
- Re: Anyone can take over virtually any domain on the net... Shafik Yaghmour (Jan 13)
- Re: Anyone can take over virtually any domain on the net... Nick Lamb (Jan 15)
- Re: Anyone can take over virtually any domain on the net... Kurt Seifried (Jan 13)