Re: ICQ Buffer Overflow Exploit

From: Nick Summy (doggystyleat_private)
Date: Wed Jan 19 2000 - 11:21:38 PST

Next message: what's your style?: "Unixware ppptalk"

Previous message: Tabor J. Wells: "Re: Microsoft Security Bulletin (MS00-005)"
Maybe in reply to: drew copley: "ICQ Buffer Overflow Exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Not difficult at all,  if anyone has ever though about it,  here
http://www.student.nada.kth.se/~d95-mih/icq/   is a webpage that  explains a
lot about the ICQ protocol,  it also explains a little about AOL's

- Nick

Bryce Walter wrote:

> Yes, but how tough would it be to write your own client to send msgs on the
> icq network.  MS did it w/ AOL's instant messenger.  :)
>
> >I have been playing with this bug a little, and it seems that ICQ only
> >picks
> >up oversize messages when they are keyed in, and not when they are pasted.
> >maybe it wouldn't be so bad if this was fixed so that at least the client
> >couldn't be used to execute this attack. :-/
>
> ______________________________________________________
> Get Your Private, Free Email at http://www.hotmail.com

Next message: what's your style?: "Unixware ppptalk"
Previous message: Tabor J. Wells: "Re: Microsoft Security Bulletin (MS00-005)"
Maybe in reply to: drew copley: "ICQ Buffer Overflow Exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:29:25 PDT