FW: AOL IM 4.7 d0s 0-Day
From: leon (leon@inyc.com)Date: 09/30/01
- Previous message: niceshorts@yahoo.com: "Re: JRun 3.0 SP2 Vulnerability??"
- Next in thread: leon: "FW: AOL IM 4.7 d0s 0-Day"
- Reply: leon: "FW: AOL IM 4.7 d0s 0-Day"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "leon" <leon@inyc.com> To: <vuln-dev@securityfocus.com> Subject: FW: AOL IM 4.7 d0s 0-Day Date: Sat, 29 Sep 2001 19:34:11 -0400 Message-ID: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAA+8DoZCJ8SEaYk5pn4rrIf8KAAAAQAAAAIbeDDw95h0itTIuIK3haMwEAAAAA@inyc.com>
-----Original Message-----
From: leon [mailto:leon@inyc.com]
Sent: Saturday, September 29, 2001 7:32 PM
To: 'vuln-dev@securityfocus.com'
Subject: AOL IM 4.7 d0s 0-Day
Hi everyone,
There is currently a 0-Day exploit for aol im that allows anyone to boot
you just by sending an im, It is similar to the old ̂ bootstring.
I have managed to get a debug of it along with a capture of the packets.
Can anyone help me figure out how to defend against this or in the very
least explain what is going on (since I don't have coding skillz). I
managed to capture the packets with iris 2.0 and they are now .cap
files. Can anyone help me A) recreate the exploit & B) tell me how to
defend against it?
Cheers,
Leon
Please mail me offline for the debug
- application/octet-stream attachment: 1st_packet.cap
- application/octet-stream attachment: 2nd_packet.cap
- Previous message: niceshorts@yahoo.com: "Re: JRun 3.0 SP2 Vulnerability??"
- Next in thread: leon: "FW: AOL IM 4.7 d0s 0-Day"
- Reply: leon: "FW: AOL IM 4.7 d0s 0-Day"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
