[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fwd: Re: AIM Password theft]

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: [Fwd: Re: AIM Password theft]
From: DarkKnight <mbuzz04@xxxxxxxxx>
Date: 24 Sep 2003 18:59:48 -0000

In-Reply-To: <3F7077FE.70303@xxxxxxxxxxxxx>

That method of stealing was taken from my website, "counter" is used to trick 
users into thinking that the script is just for a counter, but in reality it is 
just the object vulnerability. Anyways, AIM will do nothing to fix this. Why? 
Because it is not a vulnerability within AIM, nor is it really there problem. 
Prevention-

1. Do not save passwords
2. Delete registry data (only if you use test buddy [staff aim], the passwords 
are in plain text)
3. Get a firewall
4. Update/Get a Virus Scanner
5. Get an IE patch

Do the above and you will be A-Okay, AIM-wise and all around security wise.

- DarkKnight (of http://www.insecureonline.com)

Follow-Ups:
- Re: [Fwd: Re: AIM Password theft]
  - From: jelmer

Prev by Date: Re: AIM Password theft
Next by Date: Re-Boot Design ASP Forum SQL injection Vulnerability
Previous by thread: RE: [Fwd: Re: AIM Password theft] VU#865940
Next by thread: Re: [Fwd: Re: AIM Password theft]
Index(es):
- Date
- Thread