Date: Sat, 4 Feb 2006 13:10:36 -0500
From: Stan Bubrouski <stan.bubrouski@...il.com>
To: "shell@...shell.net" <shell@...shell.net>
Cc: bugtraq@...urityfocus.com
Subject: Re: AOL Instant Messenger Version 5.9.3861 Local Buffer Overrun Vulnerability

On the other hand I can't seem to reproduce the below-mentioned bug either on win2k up2date with AIM 5.9.3861.

-sb

On 3 Feb 2006 02:28:56 -0000, shell@...shell.net <shell@...shell.net> wrote:
> As I submitted to full disclosure:
>
> "I have discovered that there is a buffer overrun vulnerability in AOL's Instant Messenger program. I have only tested this on version 5.9.3861. The problem causes a minimum of a program crash. I am not sure as to the possibility of shellcode execution.
>
> The vulnerability can be exploited by supplying an overly large username from which to obtain "buddy info."
>
> If you are unsure as to what I am talking about, I can post a screenshot."
>
> Well, I made a Macromedia Captivate-made video of it. http://www.dotshell.net/aim.swf. What I am thinking is that a program can be written to write an overlong string and shellcode to the address affected and execute the same operation to leverage the problem.
>