Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: AIM bug or feature

From: Ali () WIBBLENESS DEMON CO UK (Alistair Orchard)
Date: Wed, 10 May 2000 05:22:51 +0100

yeah .. if you put in a HTML code higher than 255 in ASCII then you will crash older versions of AOL AIM, IIRC
Versions 3.something downwards
̄  will kill the program .. don't know if it's exploitable or not ..

A. Orchard
IT Support.
(Not enough sleep tonite)

  ----- Original Message ----- 
  From: jeff D 
  To: VULN-DEV () SECURITYFOCUS COM 
  Sent: Wednesday, May 10, 2000 4:56 AM
  Subject: AIM bug or feature

  I was experimenting with AIM's direct connection feature and i would like to know if it is a feature or a bug that 
once you are connected(like DCC chat on IRC) that you can logoff of AIM and still be able to talk to that person and 
send images.  Also if it is a bug, does anybody know of any vulnerabilities or anything besides being able to get a 
persons IP & hostmask. 

  Jeff D
Previous By Date Next
Previous By Thread Next

Current thread: