AIM security vulnerability

Reply Subscribe

Thread Tools

Jan 3, 2002 | 06:26 AM

#11

Gregg

Registered User

Joined: Oct 2000

Posts: 1,443

Likes: 0

From: Arlington

Quote:

Originally posted by airsport
Where can I find Trillian??

Well, since you failed to click on the link Josh3io provided four words into his original post, you can go to http://www.trillian.cc

This app has been getting a lot of notice lately not only for its integration of multiple IM systems but also for the way it implements its "skins" via XML. Very slick.

Jan 3, 2002 | 07:44 AM

#12

Sondra S2K

Registered User

Joined: Oct 2000

Posts: 3,307

Likes: 2

From: Austin

Quote:

Originally posted by Gregg

Well, since you failed to click on the link Josh3io provided four words into his original post...

Is someone a little cranky today???

Jan 3, 2002 | 08:02 AM

#13

Gregg

Registered User

Joined: Oct 2000

Posts: 1,443

Likes: 0

From: Arlington

Quote:

Originally posted by Sondra S2K
Is someone a little cranky today???

No, just that my attention spans at least five words and I thought I was at the low end of the scale.

For those that care, AOL will be implementing a server-side fix that does not require an client change. For more information click here or (for those of you that have already nodded off......) http://news.cnet.com/news/0-1005-200-83475....html?tag=mn_hd

Jan 3, 2002 | 12:45 PM

#14

rolotomasu

Registered User

Joined: Sep 2001

Posts: 938

Likes: 0

From: Bay Area

Damn. My company just shut down all usage of AIM this morning. They followed up with a global voice message summarizing the article you just posted. I feel kinda lost without my AIM.

Jan 3, 2002 | 01:12 PM

#15

SteveUCI

Registered User

Joined: Jan 2001

Posts: 6,455

Likes: 0

From: Glendale/Burbank/LA

[QUOTE]Originally posted by rolotomasu
[B]Damn.

Jan 3, 2002 | 01:34 PM

#16

josh3io

Thread Starter

Registered User

Joined: Oct 2000

Posts: 2,584

Likes: 0

From: Mountain View

Quote:

Originally posted by Gregg

Well, since you failed to click on the link Josh3io provided four words into his original post, you can go to http://www.trillian.cc

thanks gregg

Jan 3, 2002 | 01:52 PM

#17

SteveUCI

Registered User

Joined: Jan 2001

Posts: 6,455

Likes: 0

From: Glendale/Burbank/LA

Can anyone tell me if this is a related issue?

http://members.ozemail.com.au/~geoffch/security/aim/

Jan 3, 2002 | 02:15 PM

#18

josh3io

Thread Starter

Registered User

Joined: Oct 2000

Posts: 2,584

Likes: 0

From: Mountain View

Quote:

Originally posted by SteveUCI
Can anyone tell me if this is a related issue?

http://members.ozemail.com.au/~geoffch/security/aim/

different.

Jan 3, 2002 | 02:17 PM

#19

josh3io

Thread Starter

Registered User

Joined: Oct 2000

Posts: 2,584

Likes: 0

From: Mountain View

Quote:

Originally posted by Gregg

No, just that my attention spans at least five words and I thought I was at the low end of the scale.

For those that care, AOL will be implementing a server-side fix that does not require an client change. For more information click here or (for those of you that have already nodded off......) http://news.cnet.com/news/0-1005-200-83475....html?tag=mn_hd

A server-side fix does nothing to prevent a malicious programmer from attacking clients directly, bypassing the central server. The buffer overflow is in the client and that is where AOL needs to get their asses in gear to fix the problem.