Bugtraq mailing list archives
Re: Security hole in kicq
From: Eric Warmenhoven <warmenhoven () YAHOO COM>
Date: Thu, 15 Feb 2001 14:18:49 -0800
I tried with version 1.0.0, it is vulnerable for sure. Other versions (such as 2.0.0b1) seem to be vulerable as well, though i did not compile them to try.one little try shows that licq (http://licq.org) is vulerable too however the complete url will be visible to the user.
Kaim (http://sourceforge.net/projects/kaim) is also similarly vulnerable; though because it's an AIM client the URL has to be crafted as an HTML link. Kaim doesn't show you the URL before you click on it, though it does let you copy it without going to it. Eric
Current thread:
- Security hole in kicq Marc Roessler (Feb 14)
- Re: Security hole in kicq Wolter Kamphuis (Feb 15)
- Re: Security hole in kicq Eric Warmenhoven (Feb 15)
- Re: Security hole in kicq Graham Roff (Feb 27)
- Re: Security hole in kicq Wolter Kamphuis (Feb 15)