My girlfriend was on the internet today and someone sent her a AOL Instant Kiss! AOL Instant Kiss is a e-mail that will steal your Screen name and password if the user click's on it the sends the information back to the Script Kiddy... This Subj: Someone has been thinking of you! < /html>< font ptsize=1>
Date: 2/9/02 2:53:18 PM Pacific Standard Time
From: ktsfr
BCC: Ezkmogrl420




AOL Insta-Kiss

Dear AOL Member


Someone thinks very highly of you and has sent you an AOL Insta-Kiss.
The AOL Insta-Kiss is a way for people to express their emotions for others
with America Online. The Insta-Kiss can be the start of a long lasting
romance
or a way to show that special someone just how much you care.

To view your AOL Insta-Kiss Click Here.

Would you like to send me or someone else a kiss?
It's easy with Love@AOL's InstaKiss.

The AOL Insta-Kiss is just one of the many cool things
you can find in Love@AOL. You have been sent an AOL Insta-Kiss

Where it says click here to view your AOL INSTANT KISS I held my cursor over the link and it said http://greetings.aol.com@209.202.218.12/al4/instant kiss so I did a scan to see who it was and this was the results

Stealth Report
Stealth report for www.angelfire.com (209.202.218.12)
Date: 2/9/02 6:05:04 PM

Scan Rule: Top 20 Scan

209.202.218.12
Host name: www.angelfire.com
Port: 80
Server: Apache/1.3.9 (Unix) FrontPage/5.0.2.2510

Server may have HTTP vulnerabilities/exposures. (12 items)

Special Request
Risk Level: High
Location: http://209.202.218.12/MSADC/..%%35%6...32/cmd.exe?/c+

IIS Unicode Vulnerability.


Special Request
Risk Level: High
Location: http://209.202.218.12/MSADC/..%%35c....32/cmd.exe?/c+

IIS Unicode Vulnerability.


Special Request
Risk Level: High
Location: http://209.202.218.12/cgi-bin/..%%35....exe?/c+dir+c:

IIS Unicode Vulnerability.


Special Request
Risk Level: High
Location: http://209.202.218.12/msadc/..%%35%6...32/cmd.exe?/c+

IIS Unicode Vulnerability.


Special Request
Risk Level: High
Location: http://209.202.218.12/msadc/..%%35c....32/cmd.exe?/c+

IIS Unicode Vulnerability.


Special Request
Risk Level: High
Location: http://209.202.218.12/pbserver/..%%3....exe?/c+dir+c:

IIS Unicode Vulnerability.


Special Request
CVE: CAN-2000-0884
Risk Level: Medium
Location: http://209.202.218.12/scripts/..%bg%...cmd.exe?/c+dir

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.


Special Request
CVE: CAN-2000-0884
Risk Level: Medium
Location: http://209.202.218.12/scripts/..%bg%...cmd.exe?/c+dir

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.


Special Request
CVE: CAN-2000-0884
Risk Level: Medium
Location: http://209.202.218.12/scripts/..%bg%...cmd.exe?/c+dir

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.


Special Request
CVE: CAN-2000-0884
Risk Level: Medium
Location: http://209.202.218.12/scripts/..%cg%...cmd.exe?/c+dir

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.


Special Request
CVE: CAN-2000-0884
Risk Level: Medium
Location: http://209.202.218.12/scripts/..%t0%...cmd.exe?/c+dir

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.


Special Request
CVE: CAN-2000-0884
Risk Level: Medium
Location: http://209.202.218.12/scripts/..%t0%...cmd.exe?/c+dir

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.

How can I get this guy to stop sending mail to my AOL ACCOUNTS!I called AOL they did nothing ...
I put the changed all the privacy settings high.