Vulnerability Development mailing list archives

Re: ICQ Spoofing Question (or second dumb question of the day)


From: Masial <masial () SECURED ORG>
Date: Sat, 23 Sep 2000 14:12:16 -0400

Heh, somehow I knew someone would say this :)

-----Original Message-----
From: Bluefish (P.Magnusson) [mailto:11a () gmx net]

Now, I do agree that hacking icq accounts by the aid of JPEG is extremely
far-fetched, but actually possible? A number of netscape versions (perhaps
other software as well) had an exploitable overflow in the JPEG handling.

Assuming that someone wrote a kit which was designed to aid in an attack
somehow (shellcode which actually grabs icq passwords sounds a bit hard to
code though), attackers could actively use JPEGs for this.

Ok well, the point of my original comment was to underline the cluelessness
of the ICQ people about security and the internet in general. But if
someone sends me a JPEG directly, there is no telling what program I'm going
to use to open the picture, but I can tell you that it's NOT going to be
netscape (I like lview). If someone's goal was to exploit a JPEG
vulnerability in a web browser, I believe the best way to exploit a victim
would be to send him/her to a web page (via a URL message) containing the
poisoned JPEG.

So I still believe it's extremely unlikely to have someone grab others'
passwords by sending them a JPEG. Maybe you can assume the person did not
realise that everyone does not open jpegs with netscape (or other infected
software) but I don't think that someone who would assume this could write
the kind of fancy JPEG exploit we're talking about.

I guess everything is possible now tho. I remember days when I told people:
"No, you cannot catch a virus just by opening an email. That's not
possible". That's evolution for ya.

M.

