AOL IM 'Away' message flaw deemed critical
Published August 09, 2004
Source Info World
America Online (AOL) confirmed the existence of the software vulnerability in an AIM feature that allows users to post automatic replies, such as "I'm away" messages, to instant messages (IMs) that they receive. The company is planning to release a test version of the AIM client later this week that will fix the hole, said Andrew Weinstein, an AOL spokesman.
The security hole was discovered by iDefense Inc. of Reston, Virginia, a computer security intelligence company. A flaw in an AIM component called the "goaway" function allows an attacker to cause a buffer overrun on machines running AIM. Attackers could trigger the flaw by feeding a large amount of data to the goaway function, possibly using a URL (uniform resource locator) embedded in an instant message to the user.
About the Author
Robert T DeMarco is CEO of IP Group in Herndon VA. IP Group offers software communication tools for use on the Internet. These include: PowerTools, Watch Right, Always on Time and IM Frame. Mr. DeMarco is the author/editor of several Weblogs and is also a member of the High Tech Crimes Industry Association (HTCIA). Mr. DeMarco has university level and corporate training and teaching experience, spent 20 years on Wall Street, acted as CEO of a small software company, and is currently discovering the world of blogging.
Send me Email
Other Blogs and Resources
My name is Robert T DeMarco and I am a caregiver by choice. For those of you unfamiliar with the term "caregiver" it means someone who is responsible for the care and well-being of another, in my case, my 90-year-old mother who has Alzheimer's. There are millions of caregivers spread across the world, and perhaps surprisingly, 41% of us are male. I have a series of blogs including The Alzheimer’s Reading Room Weblog , The CareGiver Weblog , and The Robert T DeMarco Weblog .
- AOL IM 'Away' message flaw deemed critical
- Published: August 09, 2004
- Type:
- Section: Sci/Tech
- Filed Under: Culture: Administrative, Culture: Business and Economics, Sci/Tech: Internet, Culture: Media, Sci/Tech: Science, Sci/Tech: Software
- Writer: All American Investor
- All American Investor's BC Writer page
- All American Investor's personal site
- Spread the Word
- Like this article?
- Email this
Save to del.icio.us
Comments on this articleComments
Add your comment, speak your mind
(Or ping: http://blogcritics.org/mt/tb/18452)
