[NEWS] AIM Remote File Transfer/Direct Connection Vulnerability
From: support@securiteam.com
Date: 04/23/02
From: support@securiteam.com To: list@securiteam.com Date: Tue, 23 Apr 2002 21:42:31 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
AIM Remote File Transfer/Direct Connection Vulnerability
------------------------------------------------------------------------
SUMMARY
A security vulnerability in AIM allows attackers to steal file transfers
destined for other users, or intrude into a direct connection initiated
between two AIM users. This would allow an attacker to get a hold of
sensitive information traversing between two end users, and use this
information to impersonate one of the end users.
DETAILS
When AIM gets a connection request or tries to connect to someone else, it
acts as a server. A program that rapidly tries to connect to the target IP
(every 450 milliseconds) on port 4443 (Direct Connection) and 5190 (File
Transfer) would be able to grab any file waiting for transfer.
ADDITIONAL INFORMATION
The information has been provided by Sil <sil@linuxquestions.net>.
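
A defender can look for the polling pattern described under DETAILS in connection logs. The following is an added example, not part of the original advisory: it flags any source that makes repeated, closely spaced connection attempts to port 4443 or 5190 on one host. The log format, sample lines, thresholds and function names are assumptions.

```python
from collections import defaultdict

# Ports named in the advisory: 4443 (Direct Connection), 5190 (File Transfer).
AIM_PORTS = {4443, 5190}

# Constructed sample in a hypothetical flow-log format:
# "<epoch seconds> <source IP> <destination IP> <destination port>"
SAMPLE_LOG = """\
1019590000.000 198.51.100.7 192.0.2.10 5190
1019590000.450 198.51.100.7 192.0.2.10 5190
1019590000.900 198.51.100.7 192.0.2.10 5190
1019590001.350 198.51.100.7 192.0.2.10 5190
1019590001.800 198.51.100.7 192.0.2.10 5190
1019590001.900 203.0.113.5 192.0.2.10 5190
1019590010.000 203.0.113.9 192.0.2.10 4443
1019590040.000 203.0.113.9 192.0.2.10 4443
not-a-timestamp 198.51.100.7 192.0.2.10 5190
"""

def parse(line):
    """Return (timestamp, src, dst, port), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return float(parts[0]), parts[1], parts[2], int(parts[3])
    except ValueError:
        return None

def find_pollers(log_text, max_gap=1.0, min_attempts=5):
    """Flag (src, dst, port) triples with a run of at least min_attempts
    attempts to an AIM port, each within max_gap seconds of the previous."""
    times = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse(line)
        if rec and rec[3] in AIM_PORTS:
            times[rec[1:]].append(rec[0])
    flagged = []
    for key, stamps in times.items():
        stamps.sort()
        run = longest = 1
        for prev, cur in zip(stamps, stamps[1:]):
            run = run + 1 if cur - prev <= max_gap else 1
            longest = max(longest, run)
        if longest >= min_attempts:
            flagged.append(key)
    return sorted(flagged)

if __name__ == "__main__":
    print(find_pollers(SAMPLE_LOG))
```

A single connection from the intended peer, or two attempts 30 seconds apart, stays below the default thresholds; only the source repeating every 450 milliseconds is reported.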