|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: AIM 3.0
Aviram Jenik (aviram
SECURITEAM.COM)
Thu, 28 Oct 1999 23:51:07 +0200
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Warren Young: "Re: FreeBSD listen()"
- Previous message: Sebastian: "Re: FreeBSD listen()"
- In reply to: 3APA3A: "FreeBSD listen()"
- Next in thread: Blue Boar: "Re: AIM 3.0"
----- Original Message -----
From: "Paul Keefer" <paulKEEFER.ORG>
To: <VULN-DEVSECURITYFOCUS.COM>
Sent: Thursday, October 28, 1999 7:20 PM
Subject: AIM 3.0
> I haven't seen any vulnerabilities listed for the version of
> AIM that is shipping with Netscape 4.7,
This is a good time to remind everybody that AIM opens an IP tunnel back to
AOL, effectively piercing the firewall and obviously putting the workstation
running AIM (and possibly the rest of the machines on its local network) at
risk.
I haven't checked AIM 3.0, but this was true for previous AIM versions. We
described this vulnerability in the past:
http://www.securiteam.com/securityreviews/The_risks_of_using_an_AOL_client_b
ehind_a_firewall.html
-------------------------
Aviram Jenik
SecuriTeam
http://www.SecuriTeam.com
- Next message: Warren Young: "Re: FreeBSD listen()"
- Previous message: Sebastian: "Re: FreeBSD listen()"
- In reply to: 3APA3A: "FreeBSD listen()"
- Next in thread: Blue Boar: "Re: AIM 3.0"
This archive was generated by hypermail 2.0b3 on Sat Oct 30 1999 - 16:20:12 CDT