[26288] in bugtraq
Icq 2001&2002 vulnerability
daemon@ATHENA.MIT.EDU (Michael)
Wed Jul 24 14:46:43 2002
Date: 24 Jul 2002 15:38:22 -0000
Message-ID: <20020724153822.20430.qmail@mail.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: Michael <spacoom@gmx.net>
To: bugtraq@securityfocus.com
Icq 2001&2002 have feature, that allows to insert graphical smiles.
I found, that if you send message filled with lots of smiles(icq msg can
be about 7000 bytes long), then target icq hangs for 10-20 seconds,
consuming all CPU time, or simply crashs.
It seems for me that such type of message crashs only icq's that have
large .dat file, which holds all history.
You can download working example from: http://www.iFud.com/dfm/DFMa.exe
As you maybe remember, AOL was trying to threaten me for finding bugs. You
can find new threats here: http://www.iFud.com/aol.htm
Michael, icq 102166
