Bugtraq mailing list archives

ICQ remote buffer overflow vulnerability

From: Daniel Tan <datan () seas upenn edu>
Date: Sun, 06 Jan 2002 14:59:39 -0500

This is very similar to the AIM overflow recently discovered.

ICQ protocol uses the same TLV (2711) packet and there is a similar 
weakness in the parsing of the packet.


The details of this vulnerability will not be released until a 
further time (when a patch has been implemented, probably). ICQ2000 
clients are vulnerable. ICQ2001 clients do not appear to be 
vulnerable under default setup conditions.

Execution of arbitary code is possible since EAX/EBX point to within
the payload. 

Until AOL announces a patch/workaround, it is highly recommended to 
restrict receiving of events (other than normal messages) to contacts you 
know.


-------------
Daniel Tan
Class of 2004
Jerome Fisher Management & Technology Program
University of Pennsylvania, USA
datan () seas upenn edu
datan () wharton upenn edu
-------------

Current thread:

ICQ remote buffer overflow vulnerability Daniel Tan (Jan 07)
- Re: ICQ remote buffer overflow vulnerability Daniel Tan (Jan 07)
- Re: ICQ remote buffer overflow vulnerability elijah wright (Jan 08)
  - Re: ICQ remote buffer overflow vulnerability Daniel Tan (Jan 08)
  - Re: ICQ remote buffer overflow vulnerability 'ken'@FTU (Jan 08)
- Re: ICQ remote buffer overflow vulnerability Nick FitzGerald (Jan 08)