Bugtraq mailing list archives
Re: ICQ remote buffer overflow vulnerability
From: "Nick FitzGerald" <nick () virus-l demon co uk>
Date: Tue, 8 Jan 2002 15:18:10 +1200
Daniel Tan <datan () seas upenn edu> wrote:
Until AOL announces a patch/workaround, it is highly recommended to restrict receiving of events (other than normal messages) to contacts you know.
This is just like the old, and equally bogus, "advice" for preventing being hit by mass mailing viruses -- "don't open attachments from people you don't know". The implication taken from such advice is that attachments from people you do know are necessarily "safe". Better advice is to implement a method that prevents receipt of such requests (or upgrade to the version thought unaffected by the bug). -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854
Current thread:
- ICQ remote buffer overflow vulnerability Daniel Tan (Jan 07)
- Re: ICQ remote buffer overflow vulnerability Daniel Tan (Jan 07)
- Re: ICQ remote buffer overflow vulnerability elijah wright (Jan 08)
- Re: ICQ remote buffer overflow vulnerability Daniel Tan (Jan 08)
- Re: ICQ remote buffer overflow vulnerability 'ken'@FTU (Jan 08)
- Re: ICQ remote buffer overflow vulnerability Nick FitzGerald (Jan 08)