|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: leon (leon
inyc.com)Date: Sat Sep 29 2001 - 19:08:24 CDT
Forget it blue boar those are the wrong packets. Maybe just post it
without the packets.
-----Original Message-----
From: leon [mailto:leoninyc.com]
Sent: Saturday, September 29, 2001 7:34 PM
To: 'vuln-devsecurityfocus.com'
Subject: FW: AOL IM 4.7 d0s 0-Day
-----Original Message-----
From: leon [mailto:leoninyc.com]
Sent: Saturday, September 29, 2001 7:32 PM
To: 'vuln-devsecurityfocus.com'
Subject: AOL IM 4.7 d0s 0-Day
Hi everyone,
There is currently a 0-Day exploit for aol im that allows anyone to boot
you just by sending an im, It is similar to the old ̂ bootstring.
I have managed to get a debug of it along with a capture of the packets.
Can anyone help me figure out how to defend against this or in the very
least explain what is going on (since I don't have coding skillz). I
managed to capture the packets with iris 2.0 and they are now .cap
files. Can anyone help me A) recreate the exploit & B) tell me how to
defend against it?
Cheers,
Leon
Please mail me offline for the debug
- application/octet-stream attachment: 1st_packet.cap
- application/octet-stream attachment: 2nd_packet.cap
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]