Bugtraq mailing list archives
Aol Instant Messenger DoS vulnerability
From: justcruzn () HOTMAIL COM (hi im cruz)
Date: Fri, 3 Mar 2000 07:47:50 PST
As all Ascii-Symbols can be displayed in &#XXX; format, where XXX are numbers from 0-255, AIM seems not to check the XXX for higher values and some strings above 255 result in aim crashing completly or in part. E.g. the string ̂ will result in crashing the whole aim, but ̃ will crash only the instant message window (̃ was only tested once by me). It will crash the AIM of the attacker too, because AIM displays the string in the attacker-Instant Message, so the attacker-AIM also tries to convert it and errors. There is already an unofficial fix available, which can be downloaded at my hompage: http://laugh.at/cruz The fix is an edited ate32.dll, which should be copied to the aim directory. With it, aim doesnt try to convert "&#XXX;"-type of strings anymore, a minimum drawback (note: with that fix, the attacker can use this exploit to crash other unfixed AIMs, but wont crash his/her own AIM). Affected versions: I tested this only on 3.5+ versions of AIM, but all other versions are most likely affected too. -cruz http://laugh.at/cruz ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com
Current thread:
- [RHSA-2000:006-01] New nmh packages available, (continued)
- [RHSA-2000:006-01] New nmh packages available bugzilla () REDHAT COM (Mar 06)
- Microsoft Security Bulletin (MS00-015) Microsoft Product Security (Mar 06)
- @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity Weld Pond (Mar 07)
- Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity Dustin Miller (Mar 07)
- Re: @Stake Advisory: Microsoft Office 2000 ClipArt Vulnerablity Weld Pond (Mar 08)
- Problem with MacOS 9 Multiple Users and Netware AFP Don Lambert (Mar 03)
- Re: Potential security problem with mtr Rogier Wolff (Mar 03)
- Re: Potential security problem with mtr Viktor Fougstedt (Mar 04)
- Re: Potential security problem with mtr - fixed Jeff Dafoe (Mar 06)
- userv (security boundary tool) 1.0.0 released Ian Jackson (Mar 06)