Strumpf Noir Society Advisories
! Public release !
<--#


-= Mirabilis ICQ WebFront Plug-in Denial of Service =-

Release date: Saturday, April 28, 2001


Introduction:

WebFront is a plugin for Mirabilis' ICQ messaging program which
allows a user to set up a web page through ICQ.

ICQ WebFront is available for ICQ from vendor Mirabilis'
website: http://www.icq.com


Problem:

The web server on which this plugin relies is susceptible to a DoS
attack through a malformed GET request. If this request contains
86 or more %'s, or combinations of %'s with other characters (for
example ASCII-encoded dots or backslashes), the ICQ program will
begin consuming 100% CPU and will become unresponsive.

A restart of the program is required to regain full functionality.


(..)


Solution:

This problem has been brought to the vendor's attention; however, no
fixes appear to be forthcoming at this time. We were only able to get a
"your message has been forwarded to the appropriate address" response.

This was tested against ICQ2000b Build 3278 running on MS Win2k.
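
With no fix available, requests of this shape can be caught before they
reach the plug-in, or found afterwards in request logs, by counting
percent signs in the request target. The following is an added example,
not part of the original advisory: the limit of 86 is the figure given
above, while the function names and the sample request lines are
constructed for illustration.

```python
import re

PERCENT_LIMIT = 86  # figure from the advisory; a filter may choose a lower value
VALID_ESCAPE = re.compile(r"%[0-9A-Fa-f]{2}")          # well-formed %XX escape
REQUEST_LINE = re.compile(r"^([A-Z]+) (\S+) HTTP/\d\.\d$")


def inspect_request_line(line, limit=PERCENT_LIMIT):
    """Return percent-sign statistics and a verdict for one request line."""
    match = REQUEST_LINE.match(line.strip())
    if match is None:
        # Not a parseable request line: treat as suspicious rather than pass it.
        return {"percents": 0, "malformed": 0, "verdict": "suspicious"}
    target = match.group(2)
    percents = target.count("%")
    # '%' characters that do not begin a valid two-hex-digit escape.
    malformed = percents - len(VALID_ESCAPE.findall(target))
    if percents >= limit:
        verdict = "block"
    elif malformed:
        verdict = "suspicious"
    else:
        verdict = "ok"
    return {"percents": percents, "malformed": malformed, "verdict": verdict}


def flag_requests(lines, limit=PERCENT_LIMIT):
    """Return (line_number, verdict, percents) for every line that is not 'ok'."""
    flagged = []
    for number, line in enumerate(lines, start=1):
        result = inspect_request_line(line, limit)
        if result["verdict"] != "ok":
            flagged.append((number, result["verdict"], result["percents"]))
    return flagged


# Constructed sample request lines, not captured traffic.
SAMPLE = [
    "GET /index.html HTTP/1.0",
    "GET /my%20page.html HTTP/1.0",
    "GET /" + "%2e" * 86 + " HTTP/1.0",
    "GET /a%zz HTTP/1.0",
]

if __name__ == "__main__":
    for number, verdict, percents in flag_requests(SAMPLE):
        print(f"line {number}: {verdict} ({percents} percent signs)")
```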


yadayadayada

SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html)
compliant; all information is provided on an AS IS basis.

EOF, but Strumpf Noir Society will return!
