Date: Fri, 19 Jul 2002 20:34:53 -0400 (EDT)
From: tuna <tuna@eurocompton.net>
To: bugtraq@securityfocus.com
Subject: AIM Exploit!!
----- 420 --------------------- 420 ---------------- 420-----------------
wh4T uP d0oDZ th1z is THE HERBaLiSER [420] br1ngin u th3 k-phr3$h3zT
w4r3z ar0und!@#$#$$
aff3ctZ: version 4.8.2790 (and lower) Windows32 AIM Client
s3v3r1ty: u c0uld g3t f1r3d duDeZ!@#!##
vulnerab1litty: u c4n m4k3 luzerS cl1k URLs they th1nk p0int elsewh3r!@@
(a r1ghte0us g00d l4f indeed!!!!!)
expl0it: s3l3ct th3 "link" button 0n th3 t00lbar in an act1v3 IM sess10n,
for l1nk teXt put 1n s0m3 PG rat3d l1nk, then 1n th3 URL b0x on
t0p puT a r34L n4Zty l1nk!@@@@ (fUn insu3z dud3Z eye sw34r
1t!!!!@) bl4mm0!!@@@ th4tz 1t n0 onethirtyseven or n0th1ng!!!
ex4mpl3 0f expl0it us3d in w1ld:
TeenSinks420: http://www.ebay.com/Show.cgi?ItemId=43520921
TeenSinks420: can i ahve loan for that
MyOLDBoSSCEO: what the
MyOLDBoSSCEO: aklshfkjahf
(l1nk r34lly p0int3d @ http://www.dms100.org/worksucks)
an0th3r sc3nar10:
HerBAliSER2k2:
http://news.yahoo.com/news?tmpl=story2&cid=362&ncid=815&e=3&u=/trib/20020719/lo_latimes/court_accepts_medical_pot_use
HerBAliSER2k2: they write story about u LOL
BANGHOLIOS signed off at 5:19:23 PM.
b1g pr0PZ t0 g0bbl3z 4 th4t apAych33 shYT buT th1Z sh1t is th3 h4rk0r
w4r3z (c4nt t0uch d1$!@@@@@@@)
- HERB
----- 420 --------------------- 420 ---------------- 420-----------------
