[20499] in bugtraq
Mirabilis ICQ WebFront Plug-in Denial of Service
daemon@ATHENA.MIT.EDU (SNS Research)
Sat Apr 28 13:16:00 2001
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <1674026720.20010428023810@greyhack.com>
Date: Sat, 28 Apr 2001 02:38:10 +0200
Reply-To: SNS Research <vuln-dev@greyhack.com>
From: SNS Research <vuln-dev@greyhack.com>
To: BUGTRAQ@SECURITYFOCUS.COM
Strumpf Noir Society Advisories
! Public release !
<--#
-= Mirabilis ICQ WebFront Plug-in Denial of Service =-
Release date: Saturday, April 28, 2001
Introduction:
WebFront is a plugin for Mirabilis' ICQ messaging program which
allows a user to setup a web page through ICQ.
ICQ WebFront is available for ICQ from vendor Mirabilis'
website: http://www.icq.com
Problem:
The web server on which this plugin relies is susceptible to a DoS
attack through a malformed GET request. If this request contains
86 or more %'s or combinations of %'s with other characters (for
example ascii encoded dots or backslashes) the ICQ program will
begin consuming 100% cpu and will become unresponsive.
A restart of the program is required to regain full functionality.
(..)
Solution:
This problem has been brought to the vendors attention, however no
fixes appear to be forthcoming at this time, we were only able to get a
"your message has been forwarded to the appropiate address" response.
This was tested against ICQ2000b Build 3278 running on MS Win2k.
yadayadayada
SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html)
compliant, all information is provided on AS IS basis.
EOF, but Strumpf Noir Society will return!
