Previous articleBack to news listNext article
|
Sponsored links |
Want to become one of our authors and see your work published on ALLSeek.iNFO ?
|
| AOL Instant Messenger (AIM) File Sharing Bug May Let Remote Users Silently Force Downloads |
|---|
Categorie: Vulnerability
Posted: 2002-11-27 by ReCall
Views: 384
Source: Click here
| Current Rating: Not rated
|
|
| Details |
|---|
Description: Infested Nexus reported a vulnerability in AOL Instant Messenger (AIM). A remote user can force a target user to silently download a file if file sharing is permitted, even if the target user does not accept the file.
It is reported that a remote user can send an arbitrary file with the name "[screen name].lst" to a target buddy user that has file sharing enabled. The target user's system will reportedly download the file automatically, regardless of whether they accept the download or not.
According to the report, the tests work on Microsoft Windows 9x systems but may not work on Windows NT systems, as Windows NT systems use a "listing.txt" file instead of a ".lst" file.
Impact: A remote user can force a target user to download a file.
Solution: No solution was available at the time of this entry.
|
| Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=375
|
| User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
|
Previous articleBack to news listNext article
|
