[23737] in bugtraq


ICQ remote buffer overflow vulnerability

daemon@ATHENA.MIT.EDU (Daniel Tan)
Mon Jan 7 17:08:55 2002

Message-ID: <3C38ACAB.474676E2@seas.upenn.edu>
Date: Sun, 06 Jan 2002 14:59:39 -0500
From: Daniel Tan <datan@seas.upenn.edu>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

This is very similar to the AIM overflow recently discovered.

The ICQ protocol uses the same TLV (2711) packet, and there is a similar
weakness in the parsing of the packet.


The details of this vulnerability will not be released until a 
further time (when a patch has been implemented, probably). ICQ2000 
clients are vulnerable. ICQ2001 clients do not appear to be 
vulnerable under default setup conditions.

Execution of arbitrary code is possible since EAX/EBX point to within
the payload.

Until AOL announces a patch/workaround, it is highly recommended to 
restrict receiving of events (other than normal messages) to contacts you 
know.


-------------
Daniel Tan
Class of 2004
Jerome Fisher Management & Technology Program
University of Pennsylvania, USA
datan@seas.upenn.edu
datan@wharton.upenn.edu
-------------
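
A bounds-checked TLV walker of the kind a client needs before touching a type 0x2711 value, given as an added example that is not part of the original post and does not describe the undisclosed flaw. It assumes the OSCAR TLV layout (2-byte big-endian type, 2-byte big-endian length, then the value) and reads "2711" as the hexadecimal type; the function names and sample buffers are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

struct tlv { uint16_t type, len; const uint8_t *value; }; /* value points into buf */

/* Decode the TLV at buf[*off]; -1 if header or declared length overruns the data. */
int tlv_next(const uint8_t *buf, size_t buflen, size_t *off, struct tlv *out)
{
    if (*off > buflen || buflen - *off < 4)
        return -1;                         /* truncated header */
    const uint8_t *p = buf + *off;
    out->type = (uint16_t)((p[0] << 8) | p[1]);
    out->len  = (uint16_t)((p[2] << 8) | p[3]);
    if (out->len > buflen - *off - 4)
        return -1;                         /* length field exceeds received bytes */
    out->value = p + 4;
    *off += 4u + out->len;
    return 0;
}

/* Copy the first TLV of type `want` into dst; -1 if absent, malformed or too large. */
long tlv_copy(const uint8_t *buf, size_t buflen, uint16_t want,
              uint8_t *dst, size_t dstcap)
{
    size_t off = 0;
    struct tlv t;
    while (off < buflen) {
        if (tlv_next(buf, buflen, &off, &t) != 0)
            return -1;
        if (t.type != want)
            continue;
        if (t.len > dstcap)
            return -1;                     /* reject instead of overflowing dst */
        memcpy(dst, t.value, t.len);
        return (long)t.len;
    }
    return -1;
}

/* Constructed sample buffers, not captured traffic. */
const uint8_t SAMPLE_OK[]  = { 0x00,0x01, 0x00,0x02, 'h','i', 0x27,0x11, 0x00,0x03, 'a','b','c' };
const uint8_t SAMPLE_BAD[] = { 0x27,0x11, 0xff,0xff, 'a','b','c' };

int main(void)
{
    uint8_t dst[8];
    return !(tlv_copy(SAMPLE_OK, sizeof SAMPLE_OK, 0x2711, dst, sizeof dst) == 3 &&
             tlv_copy(SAMPLE_BAD, sizeof SAMPLE_BAD, 0x2711, dst, sizeof dst) == -1);
}
```

Both checks matter: the declared length is compared against the bytes actually received, and separately against the capacity of the destination buffer.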
