Bugtraq mailing list archives
Re: Security hole in kicq
From: Graham Roff <graham () LICQ ORG>
Date: Mon, 26 Feb 2001 16:41:33 -0500
I tried with version 1.0.0, it is vulnerable for sure. Other versions (such as 2.0.0b1) seem to be vulerable as well, though i did not compile them to try.one little try shows that licq (http://licq.org) is vulerable too however the complete url will be visible to the user.
I would argue that this is not a vulnerability at all, as the user must look at the url and then click on "View Url". Just like email attachments, it is up to the user to "not be an idiot". As a user of Licq (or whatever client) I find it useful to be able to click on a button instead of cutting/opening netscape/pasting. I always look at the url to make sure it's sane. In any event, as the author of Licq, I do not plan on removing this functionality. However, urls are no longer viewed using system() but a somewhat more secure call to execvp, passing the url as the first argument. Licq 1.0.3 will be out shortly with this and other bug fixes. _____________________________________________________________________ Graham Roff groff () engmail uwaterloo ca University of Waterloo ICQ #2127503 Computer Engineering Canada Nolites tes bastardes carborundorum
Current thread:
- Security hole in kicq Marc Roessler (Feb 14)
- Re: Security hole in kicq Wolter Kamphuis (Feb 15)
- Re: Security hole in kicq Eric Warmenhoven (Feb 15)
- Re: Security hole in kicq Graham Roff (Feb 27)
- Re: Security hole in kicq Wolter Kamphuis (Feb 15)