aim buffer overflow video
Results 1 to 7 of 7

Thread: aim buffer overflow video

  1. #1
    Senior Member
    Join Date
    Sep 2003
    Posts
    101

    aim buffer overflow video

    this was posted on bugtraq. thought it was interesting. Also leads me to beleive that it will most likely work on any version of aim...

    http://www.dotshell.net/aim.swf
    chown -r us ./bases

  2. #2
    Junior Member
    Join Date
    Feb 2006
    Posts
    17
    Just a question, lets say you have something to send a aim message using a name too long, would this in theory cause the receiver to have a buffer overflow?

    and can this really be used in a maliciou way?

  3. #3
    Banned
    Join Date
    Feb 2006
    Posts
    1
    Just a question, lets say you have something to send a aim message using a name too long, would this in theory cause the receiver to have a buffer overflow?

    and can this really be used in a maliciou way?
    lol

  4. #4
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    I think the only way for that to be exploited would be to force someone else to view your profile through a link but there is no aim: command that has to do with profiles that I know of.

  5. #5
    Banned
    Join Date
    Jan 2006
    Posts
    32
    One thing I can think of that would work in theory would be to do

    aim:addbuddy?screenname= whatevername

    that in theory would work... I think there is also some aim code that allows you to send a message... but I can't remember right now. I know there is one that allows you to change to set someone's away message if they click on the link.

  6. #6
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    aim:goim
    aim:gochat
    aim:addbuddy
    aim:buddyicon
    aim:getfile

    are all the ones I know of... None of them have to do with viewing profiles so I dont think it is possible to exploit it remotely even via a link.

  7. #7
    Banned
    Join Date
    Jan 2006
    Posts
    32
    hmm... I will have to work on some code for that then. Always a good idea to have some laying around.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •