Vulnerability Development mailing list archives

Re: ICQ exploit

From: John <jchri09 () ATTGLOBAL NET>
Date: Wed, 28 Mar 2001 02:50:57 -0700

That is a known issue since 1998 and AIM has the same problem.


----- Original Message -----
From: "Geo." <georger () NLS NET>
To: <VULN-DEV () SECURITYFOCUS COM>
Sent: Monday, March 26, 2001 12:21 PM
Subject: ICQ exploit

While playing around with my laptop and desktop today I noticed something
with ICQ.

If you have ICQ setup on 2 machines using the same ICQ number, as soon as
the second machine starts ICQ up the first machine gets an error about

your

ICQ number being used on another machine and immediately takes ICQ off

line.


I don't know the mechanism that allows this but has anyone considered an
exploit based upon this mechanism? Seems to me a sequential run could

knock

a whole bunch of people off ICQ..

Geo.

Current thread:

Re: Positive uses for rootkits, (continued)
- - - Re: Positive uses for rootkits Martin 'Goran' Moravec (Mar 28)
    - Re: Positive uses for rootkits Kev (Mar 28)
    - Re: Positive uses for rootkits Ryan Permeh (Mar 29)
    - Kernel-level security (was Re: Positive uses for rootkits) Craig Boston (Mar 29)
    - Re: Positive uses for rootkits Gregor Binder (Mar 29)
- Re: Positive uses for rootkits Bosschert, B. (is-ks) (Mar 23)
  - ICQ exploit Geo. (Mar 28)
    - Re: ICQ exploit Jonathan James (Mar 28)
    - Re: ICQ exploit Mikko Ruskola (Mar 28)
    - Re: ICQ exploit Knud Erik Højgaard - CyberCity Support (Mar 28)
    - Re: ICQ exploit John (Mar 28)
    - Re: ICQ exploit Blake Frantz (Mar 28)