Re: AOL Instant Messenger URL Crash

djrNARNIA.N.ML.ORG

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Adam Brown: "Re: AOL Instant Messenger URL Crash"
• Previous message: Shadow: "Bash Bug"
• In reply to: Adam Brown: "AOL Instant Messenger URL Crash"
• Next in thread: Adam Brown: "Re: AOL Instant Messenger URL Crash"

On Mon, 19 Apr 1999, Adam Brown wrote:
) There is a bug in the newer versions of AOL's Instant Messenger that will
) cause the client to crash when exploited.  All builds of version 2.0 that
) I've tested seem to be vulnerable, although I have not done extensive
) version testing.  AOL was notified of this about two weeks ago.  To exploit
) this bug, send a hyperlink in this format: aim:addbuddy?=screenname
I just sent <a href="aim:addbuddy?=screenname">what does this show up as</a>?
to an AOL AIM 2.0.996 user and once she *clicked* on it AIM crashed. I don't
know if you meant to say that the user had to click on it for the client to
crash, or if this is indeed different behaviour. I also just tried it with
"screenname" replaced with first her screenname, and then with mine, again
with no automatic reaction.

(sent from linuxkitty, a naim-0.9.4-parse2 user, to <victim>, an AOL AIM
2.0.996 user)
[15:59:43] linuxkitty: [LINK:href="aim:addbuddy?=screenname":what
does this show up as]?
[16:00:23] Friend <victim> has just logged off :(
[16:03:09] Friend <victim> is now online =)
[16:14:14] linuxkitty: [LINK:href="aim:addbuddy?=<victim>":miaow
miaow] (don't click on that, I'm just testing something)
[16:14:50] linuxkitty: [LINK:href="aim:addbuddy?=linuxkitty":anoth
er test...]

--
Daniel Reed <nml.org>
Many a false step is made by standing still...

• Next message: Adam Brown: "Re: AOL Instant Messenger URL Crash"
• Previous message: Shadow: "Bash Bug"
• In reply to: Adam Brown: "AOL Instant Messenger URL Crash"
• Next in thread: Adam Brown: "Re: AOL Instant Messenger URL Crash"