Vulnerability Development mailing list archives
Re: ICQ exploit
From: Jonathan James <Jonathan () SECURITO SE>
Date: Wed, 28 Mar 2001 12:26:00 +0200
Geo. This is a feature not a bug. This feature was put in so that users would not get an error message of "Login error, you are already logged in.." if a users ISP connection dropped or a users computer froze.. The first client only gets kicked off if the second client issues the correct login and password. Jonathan James ----- Original Message ----- From: "Geo." <georger () NLS NET> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Monday, March 26, 2001 9:21 PM Subject: ICQ exploit
While playing around with my laptop and desktop today I noticed something with ICQ. If you have ICQ setup on 2 machines using the same ICQ number, as soon as the second machine starts ICQ up the first machine gets an error about
your
ICQ number being used on another machine and immediately takes ICQ off
line.
I don't know the mechanism that allows this but has anyone considered an exploit based upon this mechanism? Seems to me a sequential run could
knock
a whole bunch of people off ICQ.. Geo.
Current thread:
- Re: Positive uses for rootkits, (continued)
- Re: Positive uses for rootkits Dick Visser (Mar 26)
- The use of immunix Renee Teunissen (Mar 26)
- Re: Positive uses for rootkits Ben Ford (Mar 27)
- Re: Positive uses for rootkits Martin 'Goran' Moravec (Mar 28)
- Re: Positive uses for rootkits Kev (Mar 28)
- Re: Positive uses for rootkits Ryan Permeh (Mar 29)
- Kernel-level security (was Re: Positive uses for rootkits) Craig Boston (Mar 29)
- Re: Positive uses for rootkits Gregor Binder (Mar 29)
- ICQ exploit Geo. (Mar 28)
- Re: ICQ exploit Jonathan James (Mar 28)
- Re: ICQ exploit Mikko Ruskola (Mar 28)
- Re: ICQ exploit Knud Erik Højgaard - CyberCity Support (Mar 28)
- Re: ICQ exploit John (Mar 28)
- Re: ICQ exploit Blake Frantz (Mar 28)