* via http://theMezz.com/lists

* subscribe at http://techPolice.com

AOL's Messenger Ripe for Hacking
By Michelle Delio
2:20 p.m. Jan. 2, 2002 PST
A newly-discovered security hole in America Online's Instant Messenger program can 
give malicious hackers access to, and control over, Windows PCs running the latest 
version of the application.

According to researchers at w00w00, a nonprofit security group, the latest release 
version of AOL Instant Messenger (AIM) (4.7.2480) as well as the most recent beta 
version (4.8.2616) have a "serious" security vulnerability.

The vulnerability, exploited through a flaw in the AIM code that processes a "games" 
request, allows remote penetration of systems without any indication as to who 
performed the attack. Hackers can use the "Play Game with a Buddy" option to send a 
bulk of garbage text that will cause a memory overflow in the recipient's AIM 
software. Hackers then gain control of the user's PC.

Security firm Vigilinx likewise released a warning Wednesday morning advising all AIM 
users to not use the AIM service until a corrected version of the application is 
released. Vigilinx further advised corporate security managers not to allow the AIM 
service to be installed on business computers, and to remove it from any current 
users' systems.

"(AIM) is not a program that should be used on corporate systems," Gerald Fresse, 
director of intelligence at Vigilinx. "There are enough vulnerabilities in primary 
systems to address without adding those that arise from (software) not essential to 
the conduct of business."

The vulnerability does not affect AIM on other platforms because the non-Windows 
versions do not yet support the feature, which enables users to play multiplayer games 
online with other AIM users.

Vigilinx and w00w00 e-mailed AOL regarding the problem but did not received replies 
Calls and e-mails from Wired News to AOL also did not receive an immediate reply.

Matt Conover of w00w00 has posted an exploit to demonstrate the potentials of the AIM 
security hole. A test of w00w00's sample code by Wired News verified that the flaw is 
easy to exploit.

Once hackers gain access to a computer through the vulnerability, they could see and 
manipulate any files on the hard drive.

"W00w00 has always taken the stance of including all the information we have available 
on a particular security issue," Conover said. "In addition, the (posted) exploit is 
more a proof-of-concept. It will not actually do anything."

Conover said that normally w00w00 would have also attempted to provide a free fix for 
the security hole, but since it is illegal to reverse engineer the AIM code according 
to AIM's license agreement w00w00 is unable to provide a patch that will modify it.

Instead, w00w00 recommends users download the AIM Filter from Robbie Saunders to 
protect themselves.

According to America Online, more than 100 million people have installed AIM.


Send all your buddies online cards and make their day!
These cards are guaranteed to make them smile! 
Click below to check them out.                                                        

--via http://techPolice.com
archive: http://theMezz.com/cybercrime/archive
subscribe: [EMAIL PROTECTED]
--via http://theMezz.com

This email was sent to: archive@jab.org

EASY UNSUBSCRIBE click here: http://topica.com/u/?b1dhr0.b2EDp2
Or send an email to: [EMAIL PROTECTED]

T O P I C A -- Register now to manage your mail!

Reply via email to