This appears to be a quite cynical attempt at "fixing" a problem. The fact is that all the AIM clients still contain the buffer overflow revealed in Matt's advisory. All that is required now is for some enterprising soul to construct an exploit that locates listening clients and exploits them directly, rather than through the AOL servers. How long do you think that will take? 5 hours? --On Thursday, January 03, 2002 1:41 PM -0800 Mark Coleman <mcoleman@uniontown.com> wrote: > AIM fixed? Can anyone confirm? > > http://www.msnbc.com/modules/exports/ct_email.asp?/news/680950.asp Paul Schmehl (pauls@utdallas.edu) Supervisor of Support Services The University of Texas at Dallas AVIEN Founding Member
