Bugtraq: RE: Trillian Remote DoS Attack

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

RE: Trillian Remote DoS Attack - AIM

From: "Eric Stevens" <mightye () mightye org>
Date: Tue, 24 Sep 2002 13:38:11 -0400

Tried unsuccessfully to replicate on Trillian 0.73, sending from Trillian
Pro 1.0.  Sent
P > O < C
by itself.  Sent during both encrypted, and non-encrypted sessions.  No
crash reported on either end.

-MightyE

-----Original Trimmed Message-----
From: Spikeman [mailto:spikeman () computersecuritynow com]
Subject: Trillian Remote DoS Attack - AIM


#########################
# Offending Data String #
#########################
Send a AOL IM to someone with this string anywhere in the message
(the spaces must be there)

P > O < C

And it will cause the application to crash. Other data strings do work IE
ee > 3e < 3dsaf
3 > 3 < 3
computer > security < now

By Date By Thread

Current thread:

Trillian Remote DoS Attack - AIM Spikeman (Sep 23)
- <Possible follow-ups>
- RE: Trillian Remote DoS Attack - AIM Joshua Wright (Sep 24)
- RE: Trillian Remote DoS Attack - AIM Eric Stevens (Sep 24)