Bugtraq mailing list archives

Re: ICQ remote buffer overflow vulnerability

From: elijah wright <elw () stderr org>
Date: Mon, 7 Jan 2002 16:33:44 -0500 (EST)

This is very similar to the AIM overflow recently discovered.
ICQ protocol uses the same TLV (2711) packet and there is a similar
weakness in the parsing of the packet.


duh, that's because its essentially the same protocol.  :)

ICQ clients should probably be viewed with the same suspicion as the
vulnerable AIM clients.

elijah

Current thread:

ICQ remote buffer overflow vulnerability Daniel Tan (Jan 07)
- Re: ICQ remote buffer overflow vulnerability Daniel Tan (Jan 07)
- Re: ICQ remote buffer overflow vulnerability elijah wright (Jan 08)
  - Re: ICQ remote buffer overflow vulnerability Daniel Tan (Jan 08)
  - Re: ICQ remote buffer overflow vulnerability 'ken'@FTU (Jan 08)
- Re: ICQ remote buffer overflow vulnerability Nick FitzGerald (Jan 08)