[13426] in bugtraq
Re: ICQ Buffer Overflow Exploit
daemon@ATHENA.MIT.EDU (Bryce Walter)
Wed Jan 19 13:14:02 2000
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-Id: <20000118194326.57510.qmail@hotmail.com>
Date: Tue, 18 Jan 2000 19:43:26 GMT
Reply-To: Bryce Walter <brycewalter@HOTMAIL.COM>
From: Bryce Walter <brycewalter@HOTMAIL.COM>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
Yes, but how tough would it be to write your own client to send msgs on the
icq network. MS did it w/ AOL's instant messenger. :)
>I have been playing with this bug a little, and it seems that ICQ only
>picks
>up oversize messages when they are keyed in, and not when they are pasted.
>maybe it wouldn't be so bad if this was fixed so that at least the client
>couldn't be used to execute this attack. :-/
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
