Re: ICQ Buffer Overflow Exploit

Subject: Re: ICQ Buffer Overflow Exploit
From: Bryce Walter (brycewalterHOTMAIL.COM)
Date: Tue Jan 18 2000 - 13:43:26 CST

• Next message: Mike Frantzen: "Trusted process on an untrusted machine?"
• Previous message: David LeBlanc: "Re: usual iploggers miss some variable stealth scans"
• Maybe in reply to: drew copley: "ICQ Buffer Overflow Exploit"
• Next in thread: Dylan Griffiths: "Re: ICQ Buffer Overflow Exploit"
• Maybe reply: Bryce Walter: "Re: ICQ Buffer Overflow Exploit"
• Reply: Dylan Griffiths: "Re: ICQ Buffer Overflow Exploit"
• Reply: Jeremy Johnson: "Re: ICQ Buffer Overflow Exploit"
• Reply: Nick Summy: "Re: ICQ Buffer Overflow Exploit"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Yes, but how tough would it be to write your own client to send msgs on the
icq network. MS did it w/ AOL's instant messenger. :)

>I have been playing with this bug a little, and it seems that ICQ only
>picks
>up oversize messages when they are keyed in, and not when they are pasted.
>maybe it wouldn't be so bad if this was fixed so that at least the client
>couldn't be used to execute this attack. :-/

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com

• Next message: Mike Frantzen: "Trusted process on an untrusted machine?"
• Previous message: David LeBlanc: "Re: usual iploggers miss some variable stealth scans"
• Maybe in reply to: drew copley: "ICQ Buffer Overflow Exploit"
• Next in thread: Dylan Griffiths: "Re: ICQ Buffer Overflow Exploit"
• Maybe reply: Bryce Walter: "Re: ICQ Buffer Overflow Exploit"
• Reply: Dylan Griffiths: "Re: ICQ Buffer Overflow Exploit"
• Reply: Jeremy Johnson: "Re: ICQ Buffer Overflow Exploit"
• Reply: Nick Summy: "Re: ICQ Buffer Overflow Exploit"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b27 : Wed Jan 19 2000 - 11:30:51 CST