it was fixed this morning AOL returns a nice message too: Error: message to <screenname here> bounced (Busted SNAC payload) > AIM fixed? Can anyone confirm? > > http://www.msnbc.com/modules/exports/ct_email.asp?/news/680950.asp > > Thanks, > > Mark C. > > > ----- Original Message ----- > From: Matt Conover <shok@dataforce.net> > To: Paul Schmehl <pauls@utdallas.edu> > Cc: <bugtraq@securityfocus.com> > Sent: Wednesday, January 02, 2002 12:00 PM > Subject: Re: AIM addendum > > > > > The temporary solution you provide would only protect you so long as all > > > the buddies on your list were not compromised. As soon as one buddy is > > > compromised, then you are vulnerable *through* that buddy. Or am I not > > > clearly understanding this exploit? > > > > Yes, which is why in the original advisory we recommended AIM filter be > > installed. This will block the attack from anyone. So only allowing your > > buddies to contact you in addition to installing AIM filter will keep you > > secure until a new version of AIM comes out. > > >
