Vulnerability Development mailing list archives

Re: icq 2000 ads

From: Morten Johansen <morten () DATASYS ORG>
Date: Thu, 22 Feb 2001 22:06:52 +0100

  Allowing any program to automatically update the registry from an online
script is not my idea of security. Possibly this is an area that should be
inspected and checked to ensure Mirabilis has locked in limits to the registry
keys they permit their .cb files to alter.
  My firewall detected access to this URL even though I have specifically
requested that ICQ not attempt to update itself through both configuration and
registry. I have now locked this domain out while I have ICQ running and after
a few minutes, ICQ stops trying to connect and force an update I have no wish
to do.


An forged host entry (host.) would be enough to redirect the url access
to an forged reg upd. Still this would require the attacker to already
have breached the system.

or to have control over the DNS used by that system

Morten Johansen
morten () datasys org

Current thread:

Re: icq 2000 ads, (continued)
- - Re: icq 2000 ads Jeffrey R Eaves (Feb 21)
  - Re: icq 2000 ads Sander Smeenk (CistroN Medewerker) (Feb 21)
  - Message not available
    - Re: icq 2000 ads Thierry (Feb 21)
- Re: Icq 2000 ads Usman Akeju (Feb 21)
- Re: icq 2000 ads Aussie (Feb 21)
- icq 2000 ads percival (Feb 21)
  - Re: icq 2000 ads Blue Boar (Feb 21)
  - Re: icq 2000 ads Ron DuFresne (Feb 23)
- Re: icq 2000 ads Aussie (Feb 22)
  - Re: icq 2000 ads Thierry (Feb 22)
    - Re: icq 2000 ads Morten Johansen (Feb 22)
    - Re: icq 2000 ads Shoten (Feb 23)