re: possible AIM dos

[Craig Van Tassle <craig () ambrosa dns2go com>]

> From what the current AIM docs say to warn someone they must reply or send an IMto the person who is warning them.  
> Therefor unless the person responded to all the sn's they would not be able to get warned.  
---- Forwarded message from John Scimone <jscimone () cc gatech edu> -----

Mailing-List: contact vuln-dev-help () securityfocus com; run by ezmlm
Precedence: bulk
List-Id: <vuln-dev.list-id.securityfocus.com>
List-Post: <mailto:vuln-dev () securityfocus com>
List-Help: <mailto:vuln-dev-help () securityfocus com>
List-Unsubscribe: <mailto:vuln-dev-unsubscribe () securityfocus com>
List-Subscribe: <mailto:vuln-dev-subscribe () securityfocus com>
Delivered-To: mailing list vuln-dev () securityfocus com
Delivered-To: moderator for vuln-dev () securityfocus com
From: John Scimone <jscimone () cc gatech edu>
To: vuln-dev () securityfocus com
Subject: possible AIM dos?
Date: Tue, 9 Oct 2001 19:14:44 -0400
X-Mailer: KMail [version 1.2]

After reading this outdated article regarding AOL Instant Messenger's "warn" 
feature:

http://www.attrition.org/security/denial/w/aim-warn.dos.html

I began to wonder what type of restrictions were put on it.  Does anyone know 
what is stopping someone from registering multiple screen names, then sending 
warnings from each of those names, all targeted at the same user thus keeping 
that user at a 100% warning level denying them the instant messenger service 
for the most part? 
any thoughts are appreciated.
thanks.

John Scimone

----- End forwarded message -----