ICQ is known to have a few remote bugs. I use meebo.com instead of a client due to these issues.
On Fri, Feb 13, 2009 at 5:57 PM, Leon Juranic <[email protected]>wrote: > > Hi, > > It could be quite possible, although, I can't confirm it. But, after > analysis of recent ICQ6 vulnerability, I'm under impression that there are > more similar vulnerabilities in it. > > ICQ6 vulnerability: > http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2008-04-08 > > > Regards, > Leon Juranic > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Darren > Reed > Sent: Friday, February 13, 2009 10:01 AM > To: [email protected] > Subject: [Full-disclosure] ICQ 6 protocol bug? > > For some time now I've seen ICQ receive messages, from unknown people, > occassionally make the client "core dump'. The messages are often > gibberish - more like the ASCII characters from someone trying to make > it execute something it shouldn't. > > My interpretation of this is unknown parties are trying to exploit a bug > in ICQ6 (it may work on Win2k or Win98...) but I might be wrong. I need > to fire up wireshark to see what actually get sent. > > Has anyone else seen this? > Or have details on what the hack is? > > Google found some hits for "old bugs", older than ICQ6.... > > Darren > -- > Darren Reed > [email protected] > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- http://www.astorandblack.com
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
