Vulnerability Development mailing list archives
In regards to the insecurity of AOL Instant Messenger
From: "mike" <phar () thetransmission net>
Date: Tue, 6 Aug 2002 13:39:33 -0400
http://www.thetransmission.net/phar/ seventh link down.. -phar phar () thetransmission net
-----Original Message----- From: Adam Carr [mailto:itsacarr () adelphia net] Sent: Monday, August 05, 2002 3:58 PM To: vuln-dev () lists securityfocus com Subject: In regards to the insecurity of AOL Instant Messenger After seeing the recent emails about the hide windows while away = function while I don't quite understand that as a security threat this = does remind me of other insecurities of AIM and some questions I had as = well. The first threat to AIM users that I am aware of and have tested myself = is under Direct Connects with another user. With a targets ip, it is not = difficult at all to intercept the dcc's messages and to input your own. = Quite frightening. A simple fix is to change the port which AIM direct = connects on. Seeing as how my explanations are not that great I invite = anyone else who is aware of this to explain that flaw in AIM. Now my question, is how secure are normal "ims" on AIM. How difficult = would it be to listen to anothers msgs and if at all possible, how could = this be fixed.=20 I know AIM has\had it's share of other vulnerabilities so please speak = up if you know of any. Thanks ... Cheers ... Adam
Current thread:
- In regards to the insecurity of AOL Instant Messenger Adam Carr (Aug 05)
- Re: In regards to the insecurity of AOL Instant Messenger Alex Lambert (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger Nick Lange (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger moksha faced (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger Alex Lambert (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger Alex Lambert (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger Bojan Zdrnja (Aug 07)
- Re: In regards to the insecurity of AOL Instant Messenger Nick Lange (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger Alex Lambert (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger H C (Aug 06)
- <Possible follow-ups>
- RE: In regards to the insecurity of AOL Instant Messenger jbarbo1 (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger John Scimone (Aug 06)
- In regards to the insecurity of AOL Instant Messenger mike (Aug 06)
- RE: In regards to the insecurity of AOL Instant Messenger Seth Knox (Aug 06)
- RE: In regards to the insecurity of AOL Instant Messenger Jason Barbour (Aug 06)