AOL Instant Messenger Remote Hole

The DSL Guy writes: "The non-profit security team w00w00.org started off 2002 by uncovering a serious flaw in AOL's Instant Messenger protocol. With over 100 million people registered on the AIM service, this vulnerability poses a serious security risk for Internet users worldwide. This flaw can enable remote users to execute code on any machine logged into the AOL IM service. "So easy to hack, no wonder it's number one!" Details can be found at the w00w00 site."

Ok...

[Wind_Walker]

I had to run that post through my translator, hold on:

The non-profit security team w00w00.org...
Translating...
The juvenile h4x0r kiddies at w00w00.org...

uncovering a serious flaw in AOL's Instant Messenger protocol
Translating...
illegally reverse-engineered a crack into AOL's IM protocol

I can't believe that Slashdot is propogating this crap. This stuff is not something we want to get out to the public! Yes, these crackers found a hole in AOL. The problem is server-side and will be fixed in a few days. In the mean time, Slashdot has just propogated this information (and the crack) to millions of people worldwide.

I don't know about you, but that sounds pretty irresponsible to me.

Yet another reason

[the_rev_matt]

I stopped using ICQ years ago because it was so script-kiddie friendly and AIM not long after. I'm quite happy using Jabber with a gateway to Yahoo Messenger, thankyouverymuch.

Now if we started calling them...

[jfancher]

Another example of why viri/worms/etc should include the OS they apply to i.e. The Windows/AIM vulnerability or the Microsoft/AIM vulnerability or the Microsoft Code Red virus. You get the idea. Eventually even MSCE would get the idea that the majority of the security problems are associated with a particular operating system.