Bugtraq mailing list archives
RE: Trillian Remote DoS Attack - AIM
From: "Joshua Wright" <Joshua.Wright () jwu edu>
Date: Tue, 24 Sep 2002 08:43:18 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I was unable to reproduce a Trillian crash in this manner. Using Trillian 0.74b on Windows XP sp1, test client Windows 2000 sp2 using AOL IM 5.0.2938. Sent strings "P > O < C", "ee > 3e < 3dsaf", "3 > 3 < 3", "computer > security < now" using a variety of fonts in AOL IM. Did not see a significant jump in CPU or memory utilization. - -Joshua Wright Team Leader, Networks and Systems Johnson & Wales University Joshua.Wright () jwu edu pgpkey: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD44B4A73 fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73
Impact Trillian crashes and you have to restart. Bonus is if you keep crashing the person, AIM services will ban them for login flooding (Timed Ban).
######################### # Offending Data String # ######################### Send a AOL IM to someone with this string anywhere in the message (the spaces must be there) P > O < C And it will cause the application to crash. Other data strings do work IE ee > 3e < 3dsaf 3 > 3 < 3 computer > security < now
-----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBPZBd5o/i/ArUS0pzEQK2KwCePKyvZfvNAiCnhzlAWgsuCsDiGkEAoPs7 oWbp8KSm0iK89qcb+xc3Vg7w =DdUp -----END PGP SIGNATURE-----
Current thread:
- Trillian Remote DoS Attack - AIM Spikeman (Sep 23)
- <Possible follow-ups>
- RE: Trillian Remote DoS Attack - AIM Joshua Wright (Sep 24)
- RE: Trillian Remote DoS Attack - AIM Eric Stevens (Sep 24)