Bugtraq mailing list archives

AIM Exploit!!


From: tuna <tuna () eurocompton net>
Date: Fri, 19 Jul 2002 20:34:53 -0400 (EDT)



----- 420 --------------------- 420 ---------------- 420-----------------

wh4T uP d0oDZ th1z is THE HERBaLiSER [420] br1ngin u th3 k-phr3$h3zT
w4r3z ar0und!@#$#$$

aff3ctZ: version 4.8.2790 (and lower) Windows32 AIM Client
s3v3r1ty: u c0uld g3t f1r3d duDeZ!@#!##

vulnerab1litty: u c4n m4k3 luzerS cl1k URLs they th1nk p0int elsewh3r!@@
                (a r1ghte0us g00d l4f indeed!!!!!)

expl0it: s3l3ct th3 "link" button 0n th3 t00lbar in an act1v3 IM sess10n,
         for l1nk teXt put 1n s0m3 PG rat3d l1nk, then 1n th3 URL b0x on
         t0p puT a r34L n4Zty l1nk!@@@@ (fUn insu3z dud3Z eye sw34r
         1t!!!!@) bl4mm0!!@@@ th4tz 1t n0 onethirtyseven or n0th1ng!!!

ex4mpl3 0f expl0it us3d in w1ld:

TeenSinks420: http://www.ebay.com/Show.cgi?ItemId=43520921
TeenSinks420: can i ahve loan for that
MyOLDBoSSCEO: what the
MyOLDBoSSCEO: aklshfkjahf
(l1nk r34lly p0int3d @ http://www.dms100.org/worksucks)

an0th3r sc3nar10:

HerBAliSER2k2:
http://news.yahoo.com/news?tmpl=story2&cid=362&ncid=815&e=3&u=/trib/20020719/lo_latimes/court_accepts_medical_pot_use
HerBAliSER2k2: they write story about u LOL
BANGHOLIOS signed off at 5:19:23 PM.

b1g pr0PZ t0 g0bbl3z 4 th4t apAych33 shYT buT th1Z sh1t is th3 h4rk0r
w4r3z (c4nt t0uch d1$!@@@@@@@)

- HERB

----- 420 --------------------- 420 ---------------- 420-----------------
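
Added example, not part of the original post: a receive-side check that flags links whose visible text is itself a URL but names a different host than the real target, which is the mismatch the post describes. It assumes the IM body arrives as HTML with `<A HREF>` anchors; the function and variable names are hypothetical, and the sample markup is constructed around the two URLs quoted in the post.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

SCHEME = re.compile(r"^[a-z][a-z0-9+.-]*://", re.I)
URL_LIKE = re.compile(r"^(?:[a-z][a-z0-9+.-]*://|www\.)", re.I)

def _host(url):
    # Link text such as "www.example.com/x" has no scheme; add one so urlsplit finds the host.
    url = url.strip()
    if not SCHEME.match(url):
        url = "http://" + url
    return (urlsplit(url).hostname or "").lower().rstrip(".")

class _Anchors(HTMLParser):
    # Collects (href, visible text) for every <a> element; HTMLParser
    # lowercases tag and attribute names, so <A HREF=...> is handled too.
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def mismatched_links(message_html):
    """Return (shown_text, real_target) for anchors whose text is a URL on another host."""
    parser = _Anchors()
    parser.feed(message_html)
    parser.close()
    return [(text, href) for href, text in parser.links
            if URL_LIKE.match(text) and _host(text) != _host(href)]

# Constructed sample messages (markup is an assumption; URLs are the ones in the post).
SPOOFED = '<HTML><BODY><A HREF="http://www.dms100.org/worksucks">http://www.ebay.com/Show.cgi?ItemId=43520921</A></BODY></HTML>'
HONEST = '<HTML><BODY><A HREF="http://www.ebay.com/Show.cgi?ItemId=43520921">http://www.ebay.com/Show.cgi?ItemId=43520921</A></BODY></HTML>'

if __name__ == "__main__":
    for shown, target in mismatched_links(SPOOFED):
        print("link text shows", _host(shown), "but target is", _host(target))
```

Links whose text is not URL-shaped (for example "click here") are deliberately not flagged; for those a client can only show the real target before the click.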


