('binary' encoding is not supported, stored as-is) Icq2001b & Icq2002a Denial Of Service --------------------------------------------------- If you send a malicious "contact" message, you can freeze target icq. Let's look at the contact packet (taken from Massimo Melina documentation) contacts-msg content is: contacts number 0xFE uin 0xFE nick 0xFE uin 0xFE nick ... and so on if we set contacts number to lets say 65535 and will send such packet, then target icq stop responding. Task manager shows, that icq takes more and more memory, until you kill it or it will eat all system resources. Proof of concept: http://www.spacoom.net/dfm/DFM.exe Fix: at this time - disable receiving contacts from everyone (including your contact list) AOL as always instead of patching the bug, trying to threaten me, you can find there letter at http://www.spacoom.net/dfm/aol.txt Michael.
This archive was generated by hypermail 2b30 : Sat Apr 20 2002 - 13:41:12 PDT