[37837] in bugtraq
Re: [Full-Disclosure] Re: Gadu-Gadu, another two bugs
daemon@ATHENA.MIT.EDU (Maciej Soltysiak)
Mon Dec 20 17:59:42 2004
X-Qmail-Scanner-Mail-From: maciej@soltysiak.com via dns
X-Qmail-Scanner-Rcpt-To: bugtraq@securityfocus.com,full-disclosure@lists.netsys.com
Message-ID: <004601c4e6dc$f51bcd10$0e25fe0a@pysiak>
From: "Maciej Soltysiak" <maciej@soltysiak.com>
To: <bugtraq@securityfocus.com>, <full-disclosure@lists.netsys.com>
Date: Mon, 20 Dec 2004 22:43:07 +0100
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset="ISO-8859-1";
reply-type=response
Content-Transfer-Encoding: 7bit
> Beware, this bug is being already exploited in the wild. I have just
> received the following message from WWW to GG gateway (gg# 7021349):
I recomend all Gadu-Gadu users to turn on the option that does not show
messages from unknown users.
This option appeared in version 6.0 build 151 or so (at leat 150 does not
have this)
This might mitigate this and other exploits sent in messages, and those
are mostly from unknown users.
Of course it is best to upgrade to the current version too :-)
Best Regards,
Maciej Soltysiak
