ICQ Guestbook Exploit ?

[mrousseau () LABCAL COM (Maxime Rousseau)]

Hi list,

Someone (meliksah () meliksah net) in NTBugtraq has pointed out a bug in
the impressively bad programmed ICQ, about all versions. It involves the
personal web server feature of ICQ and overflowing the 'name' paramter
of the guestbook.cgi. Has anyone gave a shot on this and see if its
exploitable? The original poster makes no statements regarding the
possible impact of this. As i am not very familiar with owning cgi stuff
perhaps someone could enlighten me as the usefullness of this (read: do
i have to fear armageddon). Mayhaps someone like rfp or some
web-oriented person...

Thx,
M.