|
Vulnerability Development
mailing list archives
Re: AOL IM 4.7 d0s 0-Day
From: <austin () theatticspace com>
Date: Sun, 30 Sep 2001 18:23:51 -0500
you should see an IM from from someone before AIM crashes...
so, you would know if someone was attacking you.
----- Original Message -----
From: <dev-null () no-id com>
To: <vuln-dev () securityfocus com>
Sent: Sunday, September 30, 2001 3:19 PM
Subject: Re: AOL IM 4.7 d0s 0-Day
Shortly after this message was posted, my version of AIM would crash
immediately after signing on. I would restart it and sign on again, but it
would still crash. I was lead into believing that I was the victim of a DOS
exploit because AIM would not crash if I would wait an extended period of
time before signing on again... as if someone was waiting for me, but got
bored and became distracted with something (or someone?) else. Once I stay
on for a certain length of time, I get booted and the cycle starts again.
I reinstalled the software multiple times.
Here is a dump of the crash:
AIM caused an invalid page fault in
module KERNEL32.DLL at 017f:bff87ede.
Registers:
EAX=c00309c4 CS=017f EIP=bff87ede EFLGS=00010216
EBX=0063f608 SS=0187 ESP=0053ffcc EBP=00540038
ECX=005401ec DS=0187 ESI=81745aec FS=489f
EDX=bff76855 ES=0187 EDI=00540214 GS=0000
Bytes at CS:EIP:
53 56 57 8b 30 83 7d 10 01 8b 4e 38 89 4d f8 75
Stack dump:
--
This message has been sent via an anonymous mail relay at www.no-id.com.
 By Date 
By Thread
Current thread:
- Re: AOL IM 4.7 d0s 0-Day austin (Sep 30)
| 
Intro
