America Online's Instant Messenger (AIM) contains a remotely exploitable buffer overflow vulnerability.
AOL Instant Messenger is a widely used program for communicating with other users over the Internet. A buffer overflow may occur while the client handles a buddy list transfer. It has not been determined whether this transfer takes place over a peer-to-peer connection, a peer-to-server-to-peer connection, or both.
A successful attack results in a denial of service. It has not been determined whether this vulnerability can also lead to the remote execution of code.
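The page does not say how AIM's buddy list handling is implemented, so the following C sketch is an added, hypothetical illustration of the bug class described above and is not AIM's code. It assumes a buddy list arrives as a comma-separated string of screen names and is copied into fixed-size buffers; the record format, the MAX_BUDDIES and MAX_NAME limits, and the function names are all assumptions. The unsafe parser has no bounds checks, so an oversized list writes past the caller's buffer (a crash at best, which is the denial of service the note describes); the hardened parser rejects any list that does not fit.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Assumed limits for the hypothetical client-side buddy list store. */
#define MAX_BUDDIES 8
#define MAX_NAME    16

/* Vulnerable form: copies each screen name into the next fixed-size slot
 * with no check on the number of entries or the length of a name. A list
 * with more than MAX_BUDDIES entries, or a name of MAX_NAME characters or
 * more, writes past the end of names[] and corrupts the caller's memory. */
int parse_buddy_list_unsafe(const char *list, char names[MAX_BUDDIES][MAX_NAME])
{
    int n = 0;
    const char *p = list;
    while (*p) {
        char *dst = names[n];                   /* no check that n < MAX_BUDDIES */
        while (*p && *p != ',')
            *dst++ = *p++;                      /* no check that the name fits */
        *dst = '\0';
        n++;
        if (*p == ',')
            p++;
    }
    return n;
}

/* Hardened form: measures each name before copying it and refuses the
 * whole list (returns -1) as soon as an entry count or name length would
 * exceed the buffer. Nothing is written outside names[]. */
int parse_buddy_list_safe(const char *list, char names[MAX_BUDDIES][MAX_NAME])
{
    int n = 0;
    const char *p = list;
    while (*p) {
        if (n >= MAX_BUDDIES)
            return -1;                          /* too many entries */
        size_t len = strcspn(p, ",");
        if (len >= MAX_NAME)
            return -1;                          /* name would not fit with its NUL */
        memcpy(names[n], p, len);
        names[n][len] = '\0';
        n++;
        p += len;
        if (*p == ',')
            p++;
    }
    return n;
}

/* Convenience wrappers that own the buffer and return only the entry count. */
int buddy_count_safe(const char *list)
{
    char names[MAX_BUDDIES][MAX_NAME];
    return parse_buddy_list_safe(list, names);
}

int buddy_count_unsafe(const char *list)
{
    char names[MAX_BUDDIES][MAX_NAME];
    return parse_buddy_list_unsafe(list, names);
}

int main(void)
{
    /* Constructed sample inputs, not captured AIM traffic. */
    const char *ok  = "alice,bob,carol";
    const char *bad = "thisscreennameiswaytoolongtofit,bob";

    printf("safe parser, well-formed list: %d entries\n", buddy_count_safe(ok));
    printf("safe parser, oversized name:   %d (rejected)\n", buddy_count_safe(bad));

    /* buddy_count_unsafe(bad) is deliberately not called: it would copy the
     * 31-character name into a 16-byte slot and overrun the stack buffer. */
    return 0;
}
```

The hardened version decides whether an entry fits before it writes anything, so a hostile list is rejected as a unit rather than partially applied; that is the property to look for when reviewing any fixed-buffer parser of peer-supplied data, whichever side of the connection the data arrives from.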
Users can mitigate this vulnerability by upgrading AIM to version 4.8.2790 or later. It is also reported that on March 14, 2002 AOL implemented server-side filtering to mitigate this vulnerability; note that such filtering can only cover traffic that passes through AOL's servers.
Block AIM Authentication at the Firewall
Blocking connections to login.oscar.aol.com on port 5190/tcp may prevent users on the local network from authenticating to the AIM server. This may be sufficient to prevent the vulnerability from being exploited. Note that this blocks AIM use from the local network entirely rather than the vulnerable transfer specifically, and it offers no protection to clients that connect from outside the firewall.
Vendor: AOL Time Warner (Status: Affected)
Notified: March 04, 2002; Updated: June 13, 2002
Vendor Statement: Upgrade to AIM 4.8.2790 or later.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Our thanks to AOL Time Warner for their help in analyzing this vulnerability.
This document was written by Jason Rafail.
Date First Published: 2002-06-11
Date Last Updated: 2002-06-19 15:00 UTC