Vulnerability Development mailing list archives
re: possible AIM dos
From: Craig Van Tassle <craig () ambrosa dns2go com>
Date: Tue, 9 Oct 2001 20:20:24 -0500
From what the current AIM docs say to warn someone they must reply or send an IMto the person who is warning them. Therefor unless the person responded to all the sn's they would not be able to get warned.
---- Forwarded message from John Scimone <jscimone () cc gatech edu> ----- Mailing-List: contact vuln-dev-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <vuln-dev.list-id.securityfocus.com> List-Post: <mailto:vuln-dev () securityfocus com> List-Help: <mailto:vuln-dev-help () securityfocus com> List-Unsubscribe: <mailto:vuln-dev-unsubscribe () securityfocus com> List-Subscribe: <mailto:vuln-dev-subscribe () securityfocus com> Delivered-To: mailing list vuln-dev () securityfocus com Delivered-To: moderator for vuln-dev () securityfocus com From: John Scimone <jscimone () cc gatech edu> To: vuln-dev () securityfocus com Subject: possible AIM dos? Date: Tue, 9 Oct 2001 19:14:44 -0400 X-Mailer: KMail [version 1.2] After reading this outdated article regarding AOL Instant Messenger's "warn" feature: http://www.attrition.org/security/denial/w/aim-warn.dos.html I began to wonder what type of restrictions were put on it. Does anyone know what is stopping someone from registering multiple screen names, then sending warnings from each of those names, all targeted at the same user thus keeping that user at a 100% warning level denying them the instant messenger service for the most part? any thoughts are appreciated. thanks. John Scimone ----- End forwarded message -----
Current thread:
- re: possible AIM dos Craig Van Tassle (Oct 09)
- Re: possible AIM dos Bryan (Oct 09)
- Re: possible AIM dos Matthew Sachs (Oct 09)
- <Possible follow-ups>
- Re: possible AIM dos Craig Van Tassle (Oct 09)
- Re: possible AIM dos Bryan (Oct 09)