Open Source and information security mailing list archives
Message-ID: <122827b90602041010i5e1a8b48x4a405bb34e055907@mail.gmail.com>
Date: Sat, 4 Feb 2006 13:10:36 -0500
From: Stan Bubrouski <stan.bubrouski@...il.com>
To: "shell@...shell.net" <shell@...shell.net>
Cc: bugtraq@...urityfocus.com
Subject: Re: AOL Instant Messenger Version 5.9.3861 Local Buffer Overrun Vulnerability


On the other hand I can't seem to reproduce the below-mentioned bug
either on win2k up2date with AIM 5.9.3861.

-sb

On 3 Feb 2006 02:28:56 -0000, shell@...shell.net <shell@...shell.net> wrote:
> As I submitted to full disclosure:
>
> "I have discovered that there is a buffer overrun vulnerability in AOL's Instant Messenger program. I have only tested this on version 5.9.3861. The problem causes a minimum of a program crash. I am not sure as to the possibility of shellcode execution.
>
> The vulnerability can be exploited by supplying an overly large username from which to obtain "buddy info."
>
> If you are unsure as to what I am talking about, I can post a screenshot."
>
> Well, I made a Macromedia Captivate-made video of it. http://www.dotshell.net/aim.swf. What I am thinking is that a program can be written to write an overlong string and shellcode to the address affected and execute the same operation to leverage the problem.
>

