| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 19 Dec 2003 15:24:31 -0000 From: Josh Camacho <sfocus@...omus.com> To: bugtraq@...urityfocus.com Subject: AOL Instant Messanger - Buddy Icon Warn Exploit AOL Instant Messanger - Buddy Icon Warn Exploit "Discovered by Robbie Saunders, it allows you to warn somebody if they have a buddy icon, but they don't have to send you an Instant Message. This has to be done using a program though, it just sends the user an IM, but request's their buddy icon at the end of it, taking their rate limit away allowing you to warn them or just kill their rate limit all together." Several programs have already implemented this exploit resulting in a quick attack to raise your warning level to 100% and crippling your communication through aol instant messanger. Im sorry at this time I do not have the specifics, recommended action is of course to remove your buddy icon until this issue is resolved.
Powered by blists - more mailing lists