Vulnerability Development mailing list archives

Re: ICQ exploit

From: Jonathan James <Jonathan () SECURITO SE>
Date: Wed, 28 Mar 2001 12:26:00 +0200

Geo.
This is a feature not a bug. This feature was put in so that users would not
get an error message of "Login error, you are already logged in.." if a
users ISP connection dropped or a users computer froze..
The first client only gets kicked off if the second client issues the
correct login and password.

Jonathan James

----- Original Message -----
From: "Geo." <georger () NLS NET>
To: <VULN-DEV () SECURITYFOCUS COM>
Sent: Monday, March 26, 2001 9:21 PM
Subject: ICQ exploit

While playing around with my laptop and desktop today I noticed something
with ICQ.

If you have ICQ setup on 2 machines using the same ICQ number, as soon as
the second machine starts ICQ up the first machine gets an error about

your

ICQ number being used on another machine and immediately takes ICQ off

line.


I don't know the mechanism that allows this but has anyone considered an
exploit based upon this mechanism? Seems to me a sequential run could

knock

a whole bunch of people off ICQ..

Geo.

Current thread:

Re: Positive uses for rootkits, (continued)
- - - Re: Positive uses for rootkits Dick Visser (Mar 26)
    - The use of immunix Renee Teunissen (Mar 26)
    - Re: Positive uses for rootkits Ben Ford (Mar 27)
    - Re: Positive uses for rootkits Martin 'Goran' Moravec (Mar 28)
    - Re: Positive uses for rootkits Kev (Mar 28)
    - Re: Positive uses for rootkits Ryan Permeh (Mar 29)
    - Kernel-level security (was Re: Positive uses for rootkits) Craig Boston (Mar 29)
    - Re: Positive uses for rootkits Gregor Binder (Mar 29)
- Re: Positive uses for rootkits Bosschert, B. (is-ks) (Mar 23)
  - ICQ exploit Geo. (Mar 28)
    - Re: ICQ exploit Jonathan James (Mar 28)
    - Re: ICQ exploit Mikko Ruskola (Mar 28)
    - Re: ICQ exploit Knud Erik Højgaard - CyberCity Support (Mar 28)
    - Re: ICQ exploit John (Mar 28)
    - Re: ICQ exploit Blake Frantz (Mar 28)