
List:       security-basics
Subject:    AIMThief/AIM Vulnerability
From:       Kimberly Anne McKinnis <elf () nauticom ! net>
Date:       2001-08-31 20:06:48

Hey all... I happened upon this article on the Macintosh security site
[http://www.securemac.com/aimpasswordthief.php]

There's a program called AIMThief for the Mac which allows someone to
hijack an AIM account under 10 characters and change the password. It
doesn't seem to pose any threat as far as networks are concerned, but I
thought any AIM users may be interested. There hasn't been any comment
from AOL yet about if they plan on fixing/patching this.

Technical details from the site:
AIMThief tries to access an AIM account; once a name is inputted, it will
sign onto AOL. Using the AOL 2.7 P3 protocol, and a language called FDO88,
it attempts to make a new temporary account (using the aH token) with
the name for the AIM you want to steal. If the new account is
successfully made, the program accesses an AOL keyword ("aimpass") and
ultimately changes the password to the AIM account. This is done through
chicanery to AOL's servers to fool it into thinking the AIM doesn't
exist and thereby "creating" the account with the password the attacker
specifies.


--
kimmie mckinnis
http://www.starjewel.org
icq:186072/aol:starbreiz
