What the hell is this thread about?

-----Original Message-----
From: zeno [mailto:bugtraqcgisecurity.net]
Sent: Tuesday, October 15, 2002 10:05 AM
To: H D Moore
Cc: Dave Aitel; dandoxpara.com; vuln-devsecurityfocus.com
Subject: Re: /instmsg/alias/annoying_web_logs ;)

>
> I get billions of these things too, its part of some MSN groups/chat
> thing, essentially it takes requests the "alias" of the email address
> (daveimmunitysec.com => /instmsg/alias/dave). Might be fun to send back

These things are damn annoying. I get probably 5 of these a day and 1 person
keeps checking me every
few hours.

> some looooong responses ;) My favorites are all the ones that originate
> from microsoft "tide" addresses... They send me some funny referrers from
> their intranet servers once in a while too.
>

Ha.

> ---
> "Immunity also gets a lot of requests for /instmsg/alias/dave, which
> doesn't exist. I'm curious what web client plugin causes this behavior.
> And, I've noticed FrontPage makes PROPFIND, /_vti_bin/shtml.dll, and
> other FrontPage-style requests. Somewhere here I smell an exploitable
> client-side vulnerability."
> ---
>

I'm curious do we know this is MSN messanger? Anybody else know if AIM or
another client sends
these requests?

- zeno

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]