Bugtraq mailing list archives

Re: ICQ remote buffer overflow vulnerability

From: "'ken'@FTU" <franklin_tech_bulletins () yahoo com>
Date: Tue, 08 Jan 2002 17:06:24 -0500

elijah wright wrote:

This is very similar to the AIM overflow recently discovered.
ICQ protocol uses the same TLV (2711) packet and there is a similar
weakness in the parsing of the packet.


duh, that's because its essentially the same protocol.  :)

I disagree: there is an important distinction between the protocol (therules) and the parsing of the data (the implementation).

ICQ clients should probably be viewed with the same suspicion as the
vulnerable AIM clients.

This assumes that the coders who developed ICQ made the same errors asthe codes who developed AIM.

I happen to agree, but not because they use the same protocol. I agreebecause many programmers do not know how to code (and parse) safely...


'ken'

Current thread:

ICQ remote buffer overflow vulnerability Daniel Tan (Jan 07)
- Re: ICQ remote buffer overflow vulnerability Daniel Tan (Jan 07)
- Re: ICQ remote buffer overflow vulnerability elijah wright (Jan 08)
  - Re: ICQ remote buffer overflow vulnerability Daniel Tan (Jan 08)
  - Re: ICQ remote buffer overflow vulnerability 'ken'@FTU (Jan 08)
- Re: ICQ remote buffer overflow vulnerability Nick FitzGerald (Jan 08)