Bugtraq mailing list archives
Re: ICQ Buffer Overflow Exploit
From: toto () XPLOITER COM (Simon Steed)
Date: Thu, 13 Jan 2000 20:37:53 +0000
Tested on NT4 (SP6), ICQ ver 99 beta build 3.19 Does not work. Just get the URL 404 not found (obviously :o)). ICQ Functions as normal. Regards Simon At 06:30 PM 1/11/00 , you wrote:
Buffer Overflow in ICQ OS tested on: Windows 2000 ICQ version: 99b 1.1.1.1 ICQ is a very popular chat client that is affected by a exploitable buffer overflow when it parses an URL sent by another user.
Project Xploiter - Open Source Development http://www.xploiter.com/project_xploiter/index.html Xploit your software before it Xploits you! ICQ UIN: 22731442
Current thread:
- Re: NIS2k, (continued)
- Re: NIS2k Brad Griffin (Jan 13)
- Misleading sense of security in Netscape Craig Ruefenacht (Jan 13)
- Re: Misleading sense of security in Netscape Jefferson Ogata (Jan 18)
- New MySQL Available Scott (Jan 13)
- BindView Security Advisory: Local Promotion Vulnerability in Windows NT 4 BindView Security Advisory (Jan 13)
- Microsoft Security Bulletin (MS00-003) Microsoft Product Security (Jan 13)
- ICQ Buffer Overflow Exploit drew copley (Jan 11)
- Re: ICQ Buffer Overflow Exploit Dennis W. Mattison (Little Wolf) (Jan 12)
- Re: ICQ Buffer Overflow Exploit Michael DeSimone (Jan 13)
- Re: ICQ Buffer Overflow Exploit Tom Schumm (Jan 14)
- Re: ICQ Buffer Overflow Exploit Simon Steed (Jan 13)
- Anyone can take over virtually any domain on the net... Thomas Reinke (Jan 11)
- Re: Anyone can take over virtually any domain on the net... Jon Lewis (Jan 13)
- Re: Anyone can take over virtually any domain on the net... Jeffrey Paul (Jan 13)
- Re: Anyone can take over virtually any domain on the net... Chris Adams (Jan 13)
- Re: Anyone can take over virtually any domain on the net... Shafik Yaghmour (Jan 13)
- Re: Anyone can take over virtually any domain on the net... Nick Lamb (Jan 15)
- Re: Anyone can take over virtually any domain on the net... Kurt Seifried (Jan 13)
- Blinding BIND to a moving domain D. J. Bernstein (Jan 12)
- Re: Blinding BIND to a moving domain Ken Gourlay (Jan 12)
- CyberCash MCK 3.2.0.4: Large /tmp hole Sheldon Young (Jan 12)