|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: VeNoMouS (venom
phreaker.net)Date: Sun Sep 30 2001 - 00:27:47 CDT
run ethereal or something and get a proper packet log, that way if iris is
missing any certain char least ethereal would grab it, and we could
actally tell you whats going on.
----- Original Message -----
From: leon <leoninyc.com>
To: <vuln-devsecurityfocus.com>
Sent: Sunday, September 30, 2001 12:08 PM
Subject: FW: AOL IM 4.7 d0s 0-Day
> Forget it blue boar those are the wrong packets. Maybe just post it
> without the packets.
>
>
> -----Original Message-----
> From: leon [mailto:leoninyc.com]
> Sent: Saturday, September 29, 2001 7:34 PM
> To: 'vuln-devsecurityfocus.com'
> Subject: FW: AOL IM 4.7 d0s 0-Day
>
>
>
> -----Original Message-----
> From: leon [mailto:leoninyc.com]
> Sent: Saturday, September 29, 2001 7:32 PM
> To: 'vuln-devsecurityfocus.com'
> Subject: AOL IM 4.7 d0s 0-Day
>
> Hi everyone,
>
> There is currently a 0-Day exploit for aol im that allows anyone to boot
> you just by sending an im, It is similar to the old ̂ bootstring.
> I have managed to get a debug of it along with a capture of the packets.
> Can anyone help me figure out how to defend against this or in the very
> least explain what is going on (since I don't have coding skillz). I
> managed to capture the packets with iris 2.0 and they are now .cap
> files. Can anyone help me A) recreate the exploit & B) tell me how to
> defend against it?
>
> Cheers,
>
> Leon
>
> Please mail me offline for the debug
>
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]