elijah wright wrote: >>This is very similar to the AIM overflow recently discovered. >>ICQ protocol uses the same TLV (2711) packet and there is a similar >>weakness in the parsing of the packet. >> > > duh, that's because its essentially the same protocol. :) I disagree: there is an important distinction between the protocol (the rules) and the parsing of the data (the implementation). > ICQ clients should probably be viewed with the same suspicion as the > vulnerable AIM clients. This assumes that the coders who developed ICQ made the same errors as the codes who developed AIM. I happen to agree, but not because they use the same protocol. I agree because many programmers do not know how to code (and parse) safely... 'ken'
